urlscan.io logo urlscan.io
SecurityTrails logo

health.grid.id Open in urlscan Pro
13.32.99.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspa...
Submission: On April 28 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 138 IPs in 18 countries across 92 domains to perform 850 HTTP transactions. The main IP is 13.32.99.108, located in United States and belongs to AMAZON-02, US. The main domain is health.grid.id. The Cisco Umbrella rank of the primary domain is 163168.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: 10 months.
This is the only time health.grid.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.32.99.108 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
19 143.204.89.91 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 223.119.20.23 58453 (CMI-INT-H...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 54.169.169.4 16509 (AMAZON-02)
5 108.138.17.29 16509 (AMAZON-02)
18 2606:4700:1::... 13335 (CLOUDFLAR...)
1 139.99.33.191 16276 (OVH)
5 23.35.237.86 16625 (AKAMAI-AS)
1 1 2a03:2880:f27... 32934 (FACEBOOK)
2 3 2a03:2880:f27... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.47 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 13.32.99.86 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2001:4860:480... 15169 (GOOGLE)
1 108.138.7.125 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
8 119.63.193.220 38627 (BAIDUJP B...)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
8 23.35.229.181 16625 (AKAMAI-AS)
6 139.99.50.243 16276 (OVH)
1 94.23.153.171 16276 (OVH)
3 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
94 2a00:1450:400... 15169 (GOOGLE)
9 185.64.191.208 62713 (AS-PUBMATIC)
9 37.252.173.228 29990 (ASN-APPNEX)
9 5.196.111.65 16276 (OVH)
11 2a02:2638:3::7 44788 (ASN-CRITE...)
9 2602:803:c003... 26667 (RUBICONPR...)
2 47.254.199.63 45102 (ALIBABA-C...)
5 185.94.180.124 35220 (SPOTX-AMS)
1 110.238.107.108 136907 (HWCLOUDS-...)
2 104.18.24.185 13335 (CLOUDFLAR...)
1 52.29.121.87 16509 (AMAZON-02)
4 34.98.64.218 396982 (GOOGLE-CL...)
5 81.17.55.112 60781 (LEASEWEB-...)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 2.18.232.7 16625 (AKAMAI-AS)
3 70.42.32.95 22075 (AS-OUTBRAIN)
1 146.75.118.132 54113 (FASTLY)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 185.59.208.177 43541 (VSHOSTING)
7 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 114.119.175.30 136907 (HWCLOUDS-...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.222.236.21 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 119.8.163.248 136907 (HWCLOUDS-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
14 23.35.236.201 16625 (AKAMAI-AS)
2 119.63.197.150 38627 (BAIDUJP B...)
11 119.63.198.143 38627 (BAIDUJP B...)
1 104.244.42.136 13414 (TWITTER)
3 2a00:1450:401... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
1 52.222.206.51 16509 (AMAZON-02)
4 35.71.131.137 16509 (AMAZON-02)
16 108.138.17.104 16509 (AMAZON-02)
1 20.43.132.133 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 23.35.229.56 16625 (AKAMAI-AS)
2 4 185.64.189.115 62713 (AS-PUBMATIC)
132 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
53 2a00:1450:400... 15169 (GOOGLE)
2 34.248.248.159 16509 (AMAZON-02)
3 52.57.62.215 16509 (AMAZON-02)
2 185.64.190.75 62713 (AS-PUBMATIC)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 14 185.64.190.80 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.7.11 44788 (ASN-CRITE...)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 4 67.220.226.234 16509 (AMAZON-02)
9 17 185.89.210.141 29990 (ASN-APPNEX)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 107.23.195.49 14618 (AMAZON-AES)
5 5 54.155.84.200 16509 (AMAZON-02)
33 43 216.58.212.130 15169 (GOOGLE)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 54.155.133.203 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 3 37.157.3.30 198622 (ADFORM)
2 2 3.75.62.37 16509 (AMAZON-02)
3 198.47.127.20 3257 (GTT-BACKB...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 141.95.98.65 16276 (OVH)
13 29 185.80.39.216 27381 (CASALE-MEDIA)
2 104.111.217.42 16625 (AKAMAI-AS)
4 185.64.189.221 62713 (AS-PUBMATIC)
2 162.19.138.118 16276 (OVH)
2 44.195.220.48 14618 (AMAZON-AES)
6 119.63.198.180 38627 (BAIDUJP B...)
5 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.197.136 38627 (BAIDUJP B...)
3 2001:4860:480... 15169 (GOOGLE)
2 23.56.202.187 16625 (AKAMAI-AS)
10 23.216.77.54 20940 (AKAMAI-ASN1)
16 142.250.181.226 15169 (GOOGLE)
3 4 185.64.190.79 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.244 29990 (ASN-APPNEX)
1 76.223.111.18 16509 (AMAZON-02)
1 142.250.181.230 15169 (GOOGLE)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 52.46.128.147 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2600:9000:223... 16509 (AMAZON-02)
4 141.101.90.96 13335 (CLOUDFLAR...)
4 3.73.242.95 16509 (AMAZON-02)
6 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 151.101.66.49 54113 (FASTLY)
1 35.186.193.173 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.214.153.92 15169 (GOOGLE)
1 173.231.180.197 32475 (SINGLEHOP...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
4 4 213.19.147.45 3356 (LEVEL3)
1 1 52.220.229.2 16509 (AMAZON-02)
1 23.88.86.2 24940 (HETZNER-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 146.59.148.16 16276 (OVH)
1 1 164.92.213.94 14061 (DIGITALOC...)
1 173.194.76.155 15169 (GOOGLE)
12 142.250.185.162 15169 (GOOGLE)
850 138
1    13.32.99.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-108.fra60.r.cloudfront.net
health.grid.id
15    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.de
6    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    143.204.89.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-91.fra50.r.cloudfront.net
asset-a.grid.id
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    223.119.20.23 (Hong Kong)

ASN58453 (CMI-INT-HK Level 30, Tower 1, HK)
scripts.jixie.media
video.jixie.media
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
delivery.r2b2.io
4    54.169.169.4 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
ads.grid.id
5    108.138.17.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-29.fra56.r.cloudfront.net
pubmatic.mainroll.com
stats.mainroll.com
18    2606:4700:1::6813:854e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    139.99.33.191 (Singapore)

ASN16276 (OVH, FR)
PTR: m1.mixadvert.com
m1.mixadvert.com
5    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2a03:2880:f276:d2:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
3    2a03:2880:f276:e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.215.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-47.fra53.r.cloudfront.net
stgrid.kompas.com
2    2a02:26f0:3500:8::c16c:9913 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.ivideosmart.com
2    13.32.99.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-86.fra60.r.cloudfront.net
asset.kompas.com
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.7.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-125.fra56.r.cloudfront.net
sb.scorecardresearch.com
4    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
gcdn.2mdn.net
8    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
1    2600:9000:206f:2800:16:d4d3:a440:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.bluebillywig.com
1    2600:9000:223c:fc00:a:5b2c:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)
pubs.contextads.live
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
6    139.99.50.243 (Singapore)

ASN16276 (OVH, FR)
PTR: i2.mixadvert.com
i2.mixadvert.com
1    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
3    2600:9000:2250:da00:1:420f:ab00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.contextads.live
1    2600:9000:2057:7a00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
94    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    185.64.191.208 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
openbid.pubmatic.com
9    37.252.173.228 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
r2b2-emea.adnxs.com
9    5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu
prg.smartadserver.com
11    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
9    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    47.254.199.63 (Kuala Lumpur, Malaysia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
as.innity.com
5    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    110.238.107.108 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-107-108.compute.hwclouds-dns.com
hb.jixie.io
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    52.29.121.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-121-87.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kompascybermedia-d.openx.net
us-u.openx.net
u.openx.net
5    81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg8.smartadserver.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
3    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
2    2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
7    2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2606:4700::6812:c2d (United States)

ASN13335 (CLOUDFLARENET, US)
cl.imghosts.com
10    114.119.175.30 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-175-30.compute.hwclouds-dns.com
traid.jixie.io
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    52.222.236.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-21.fra56.r.cloudfront.net
apis.kompas.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    119.8.163.248 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-163-248.compute.hwclouds-dns.com
content.jixie.io
2    2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
14    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
2    119.63.197.150 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
id.popin.cc
11    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2a00:1450:4010:c0b::5e (Finland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
12    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.222.206.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-51.fra56.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
16    108.138.17.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-104.fra56.r.cloudfront.net
stats.mainroll.com
1    20.43.132.133 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
stream.jixie.media
4    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
t.teads.tv
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
132    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
8    2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)
tag.adbro.me
20    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
53    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    34.248.248.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-248-159.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    52.57.62.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-62-215.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
2    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
17    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    107.23.195.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-195-49.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    54.155.84.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-84-200.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
43    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
cm.g.doubleclick.net
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    54.155.133.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-133-203.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2a05:d018:d29:3601:5e70:3935:160a:9425 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
29    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    44.195.220.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-220-48.compute-1.amazonaws.com
in.treasuredata.com
6    119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
imageaws.popin.cc
5    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
1    119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    23.216.77.54 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-54.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
16    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2600:9000:223f:200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    141.101.90.96 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
4    3.73.242.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-95.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
6    2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a00:1450:400e:3::7 (Ireland)

ASN15169 (GOOGLE, US)
r2---sn-5hne6ns6.c.2mdn.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    173.231.180.197 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
4    213.19.147.45 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
3    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
1    164.92.213.94 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
bid.g.doubleclick.net
12    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
194 googlesyndication.com
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 317
1 MB
97 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
ad.doubleclick.net — Cisco Umbrella Rank: 201
bid.g.doubleclick.net — Cisco Umbrella Rank: 986
752 KB
96 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
gcdn.2mdn.net — Cisco Umbrella Rank: 1407
r2---sn-5hne6ns6.c.2mdn.net
5 MB
62 pubmatic.com
openbid.pubmatic.com — Cisco Umbrella Rank: 19674
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
vpaid.pubmatic.com — Cisco Umbrella Rank: 6080
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
vid.pubmatic.com — Cisco Umbrella Rank: 9043
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image4.pubmatic.com — Cisco Umbrella Rank: 1704
st.pubmatic.com — Cisco Umbrella Rank: 1538
image8.pubmatic.com — Cisco Umbrella Rank: 1002
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
322 KB
33 popin.cc
api.popin.cc — Cisco Umbrella Rank: 25197
id.popin.cc — Cisco Umbrella Rank: 40723
log.popin.cc — Cisco Umbrella Rank: 26934
imageaws.popin.cc — Cisco Umbrella Rank: 43060
r.popin.cc — Cisco Umbrella Rank: 27822
inrecsys.popin.cc — Cisco Umbrella Rank: 30388
425 KB
31 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
21 KB
27 adnxs.com
r2b2-emea.adnxs.com — Cisco Umbrella Rank: 66638
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
85 KB
25 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7204
c.mgid.com — Cisco Umbrella Rank: 5726
cdn.mgid.com — Cisco Umbrella Rank: 9974
servicer.mgid.com — Cisco Umbrella Rank: 7199
s-img.mgid.com — Cisco Umbrella Rank: 5805
cm.mgid.com — Cisco Umbrella Rank: 2073
248 KB
24 grid.id
health.grid.id — Cisco Umbrella Rank: 163168
asset-a.grid.id — Cisco Umbrella Rank: 26561
ads.grid.id — Cisco Umbrella Rank: 181455
317 KB
22 google.com
ampcid.google.com — Cisco Umbrella Rank: 2680
region1.analytics.google.com — Cisco Umbrella Rank: 2930
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
accounts.google.com — Cisco Umbrella Rank: 92
80 KB
21 mainroll.com
pubmatic.mainroll.com — Cisco Umbrella Rank: 200810
stats.mainroll.com — Cisco Umbrella Rank: 57540
17 KB
19 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
18 KB
17 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1871
secure-ds.serving-sys.com — Cisco Umbrella Rank: 3075
lm.serving-sys.com — Cisco Umbrella Rank: 2983
176 KB
15 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
660 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
dis.criteo.com — Cisco Umbrella Rank: 941
11 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2029
prg8.smartadserver.com — Cisco Umbrella Rank: 17599
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
8 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
109 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
imasdk.googleapis.com — Cisco Umbrella Rank: 520
ajax.googleapis.com — Cisco Umbrella Rank: 607
408 KB
12 jixie.io
hb.jixie.io — Cisco Umbrella Rank: 34709
traid.jixie.io — Cisco Umbrella Rank: 27486
content.jixie.io — Cisco Umbrella Rank: 34134
6 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
static.adsafeprotected.com — Cisco Umbrella Rank: 820
dt.adsafeprotected.com — Cisco Umbrella Rank: 738
100 KB
10 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 10302
log.outbrainimg.com — Cisco Umbrella Rank: 2968
images.outbrainimg.com — Cisco Umbrella Rank: 2847
494 KB
9 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1617
t.teads.tv — Cisco Umbrella Rank: 2876
sync.teads.tv — Cisco Umbrella Rank: 1703
133 KB
8 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 22029
44 KB
8 mixadvert.com
m1.mixadvert.com — Cisco Umbrella Rank: 42535
i2.mixadvert.com — Cisco Umbrella Rank: 51900
mixadvert.com — Cisco Umbrella Rank: 37590
288 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 3425
ampcid.google.de — Cisco Umbrella Rank: 43848
adservice.google.de — Cisco Umbrella Rank: 5261
2 KB
7 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1744
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3937
mv.outbrain.com — Cisco Umbrella Rank: 2429
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6839
88 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
3 KB
5 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
4 KB
5 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 914
7 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
21 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
90 KB
5 kompas.com
stgrid.kompas.com — Cisco Umbrella Rank: 139259
asset.kompas.com — Cisco Umbrella Rank: 25056
apis.kompas.com — Cisco Umbrella Rank: 29968
9 KB
5 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 34464
stream.jixie.media — Cisco Umbrella Rank: 37323
video.jixie.media — Cisco Umbrella Rank: 64575
109 KB
4 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 34292
2 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
35 KB
4 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3417
120 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
918 B
4 openx.net
kompascybermedia-d.openx.net — Cisco Umbrella Rank: 49453
us-u.openx.net — Cisco Umbrella Rank: 707
u.openx.net — Cisco Umbrella Rank: 974
742 B
4 contextads.live
pubs.contextads.live — Cisco Umbrella Rank: 160955
cdn.contextads.live — Cisco Umbrella Rank: 87778
33 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
313 KB
4 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 9613
www.instagram.com — Cisco Umbrella Rank: 1309
3 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3683
spl.zeotap.com — Cisco Umbrella Rank: 4380
996 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
2 KB
3 adform.net
dmp.adform.net Failed
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
921 B
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 11037
flint.defybrick.com — Cisco Umbrella Rank: 10058
20 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1159
syndication.twitter.com — Cisco Umbrella Rank: 1451
132 KB
3 r2b2.io
delivery.r2b2.io — Cisco Umbrella Rank: 39354
log.r2b2.io — Cisco Umbrella Rank: 43579
100 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
743 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
951 B
2 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 5033
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
799 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
89 KB
2 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 9496
504 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
726 B
2 innity.com
as.innity.com — Cisco Umbrella Rank: 24759
2 KB
2 ivideosmart.com
player.ivideosmart.com — Cisco Umbrella Rank: 37997
85 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3241
555 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3590
400 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 9122
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 4262
641 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
527 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 4054
308 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
282 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
226 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7413
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6709
369 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
649 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4995
463 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
104 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
187 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
265 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
664 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
936 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
590 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
795 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
737 B
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
72 KB
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17264
177 B
1 bluebillywig.com
cdn.bluebillywig.com — Cisco Umbrella Rank: 45056
173 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
224 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 997
33 KB
0 erne.co Failed
green.erne.co Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 appier.net Failed
ad2.apx.appier.net — Cisco Umbrella Rank: 43316 Failed
850 92
Domain Requested by
117 pagead2.googlesyndication.com d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
health.grid.id
tpc.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
94 s0.2mdn.net cdn.bluebillywig.com
s0.2mdn.net
health.grid.id
53 tpc.googlesyndication.com d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
health.grid.id
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
43 cm.g.doubleclick.net 33 redirects googleads.g.doubleclick.net
health.grid.id
29 dsum-sec.casalemedia.com 13 redirects googleads.g.doubleclick.net
20 googleads.g.doubleclick.net d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
20 stats.mainroll.com health.grid.id
19 asset-a.grid.id health.grid.id
17 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
16 googleads4.g.doubleclick.net health.grid.id
15 www.googletagservices.com securepubads.g.doubleclick.net
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
health.grid.id
www.googletagservices.com
s0.2mdn.net
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
12 ade.googlesyndication.com health.grid.id
12 securepubads.g.doubleclick.net health.grid.id
securepubads.g.doubleclick.net
ads.grid.id
www.googletagservices.com
11 d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
11 log.popin.cc health.grid.id
11 bidder.criteo.com delivery.r2b2.io
ads.grid.id
11 www.google.com 1 redirects health.grid.id
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 secure-ds.serving-sys.com bs.serving-sys.com
secure-ds.serving-sys.com
10 ads.pubmatic.com jsc.mgid.com
vpaid.pubmatic.com
ads.pubmatic.com
delivery.r2b2.io
10 traid.jixie.io scripts.jixie.media
health.grid.id
9 fastlane.rubiconproject.com delivery.r2b2.io
ads.grid.id
9 prg.smartadserver.com delivery.r2b2.io
9 r2b2-emea.adnxs.com delivery.r2b2.io
9 openbid.pubmatic.com delivery.r2b2.io
8 tag.adbro.me health.grid.id
8 api.popin.cc health.grid.id
api.popin.cc
7 image2.pubmatic.com ads.pubmatic.com
7 images.outbrainimg.com health.grid.id
7 s-img.mgid.com health.grid.id
6 dt.adsafeprotected.com d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
health.grid.id
6 imageaws.popin.cc health.grid.id
6 cdn.mgid.com health.grid.id
jsc.mgid.com
6 i2.mixadvert.com health.grid.id
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com health.grid.id
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
client
5 r.popin.cc health.grid.id
5 match.prod.bidr.io 5 redirects
5 prg8.smartadserver.com ads.grid.id
5 search.spotxchange.com ads.grid.id
5 static.criteo.net delivery.r2b2.io
health.grid.id
ads.grid.id
static.criteo.net
5 www.gstatic.com health.grid.id
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
4 lm.serving-sys.com secure-ds.serving-sys.com
health.grid.id
4 portal.o2online.de health.grid.id
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects health.grid.id
4 image8.pubmatic.com 3 redirects health.grid.id
4 st.pubmatic.com health.grid.id
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
health.grid.id
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 img.youtube.com health.grid.id
4 cm.mgid.com jsc.mgid.com
4 match.adsrvr.org scripts.jixie.media
ads.pubmatic.com
health.grid.id
4 vpaid.pubmatic.com imasdk.googleapis.com
4 ajax.googleapis.com scripts.jixie.media
s0.2mdn.net
4 adservice.google.com s0.2mdn.net
securepubads.g.doubleclick.net
4 a.teads.tv ads.grid.id
scripts.jixie.media
a.teads.tv
4 region1.analytics.google.com www.googletagmanager.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 www.googletagmanager.com health.grid.id
www.googletagmanager.com
4 widgets.outbrain.com health.grid.id
widgets.outbrain.com
4 jsc.mgid.com health.grid.id
jsc.mgid.com
securepubads.g.doubleclick.net
4 ads.grid.id health.grid.id
scripts.jixie.media
3 sync.1rx.io 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 bs.serving-sys.com d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
secure-ds.serving-sys.com
3 t.teads.tv health.grid.id
3 adservice.google.de securepubads.g.doubleclick.net
s0.2mdn.net
3 csi.gstatic.com imasdk.googleapis.com
3 imasdk.googleapis.com s0.2mdn.net
3 cdn.contextads.live pubs.contextads.live
cdn.contextads.live
3 www.google.de health.grid.id
3 www.google-analytics.com www.googletagmanager.com
health.grid.id
3 www.instagram.com 2 redirects health.grid.id
3 scripts.jixie.media health.grid.id
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 eus.rubiconproject.com delivery.r2b2.io
eus.rubiconproject.com
2 in.treasuredata.com api.popin.cc
2 id5-sync.com cdn.id5-sync.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
health.grid.id
2 ups.analytics.yahoo.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 vid.pubmatic.com vpaid.pubmatic.com
2 pixel.adsafeprotected.com d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
2 cdn.id5-sync.com jsc.mgid.com
2 id.popin.cc api.popin.cc
2 gum.criteo.com 1 redirects health.grid.id
2 accounts.google.com asset-a.grid.id
accounts.google.com
2 connect.facebook.net health.grid.id
connect.facebook.net
2 apis.kompas.com health.grid.id
2 cl.imghosts.com health.grid.id
2 log.r2b2.io delivery.r2b2.io
2 servicer.mgid.com jsc.mgid.com
2 c.mgid.com jsc.mgid.com
2 flint.defybrick.com rock.defybrick.com
health.grid.id
2 log.outbrainimg.com widgets.outbrain.com
2 htlb.casalemedia.com ads.grid.id
2 as.innity.com ads.grid.id
2 region1.google-analytics.com www.googletagmanager.com
2 asset.kompas.com health.grid.id
2 player.ivideosmart.com health.grid.id
player.ivideosmart.com
2 platform.twitter.com health.grid.id
platform.twitter.com
1 simage4.pubmatic.com ads.pubmatic.com
1 bid.g.doubleclick.net vpaid.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 r2---sn-5hne6ns6.c.2mdn.net s0.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 px.ads.linkedin.com health.grid.id
1 s.amazon-adsystem.com health.grid.id
1 ad.doubleclick.net www.googletagservices.com
1 u.openx.net health.grid.id
1 eb2.3lift.com health.grid.id
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 inrecsys.popin.cc health.grid.id
1 video.jixie.media health.grid.id
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 stream.jixie.media scripts.jixie.media
1 d2wy8f7a9ursnm.cloudfront.net player.ivideosmart.com
1 mug.criteo.com health.grid.id
1 syndication.twitter.com platform.twitter.com
1 content.jixie.io scripts.jixie.media
1 cdn.jsdelivr.net scripts.jixie.media
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 mv.outbrain.com widgets.outbrain.com
1 hbopenbid.pubmatic.com ads.grid.id
1 prebid-asia.creativecdn.com ads.grid.id
1 kompascybermedia-d.openx.net ads.grid.id
1 tlx.3lift.com ads.grid.id
1 hb.jixie.io ads.grid.id
1 rock.defybrick.com widgets.outbrain.com
1 mixadvert.com health.grid.id
1 widget-pixels.outbrain.com health.grid.id
1 tcheck.outbrainimg.com widgets.outbrain.com
1 pubs.contextads.live health.grid.id
1 cdn.bluebillywig.com pubmatic.mainroll.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 sb.scorecardresearch.com health.grid.id
1 stgrid.kompas.com health.grid.id
1 platform.instagram.com 1 redirects
1 m1.mixadvert.com health.grid.id
1 pubmatic.mainroll.com health.grid.id
1 delivery.r2b2.io health.grid.id
1 code.jquery.com health.grid.id
1 health.grid.id
0 green.erne.co Failed ads.pubmatic.com
0 sync.adotmob.com Failed health.grid.id
0 dmp.adform.net Failed ads.pubmatic.com
0 ad2.apx.appier.net Failed health.grid.id
850 184
Subject Issuer Validity Valid
*.grid.id
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-02		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2022-08-28 -
2023-09-28		 a year crt.sh
1838731126.rsc.cdn77.org
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
*.mainroll.com
Amazon RSA 2048 M01		 2023-03-02 -
2023-08-25		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
m1.mixadvert.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
kompas.com
Amazon RSA 2048 M01		 2023-03-04 -
2024-04-01		 a year crt.sh
player-objects.ivideosmart.com
R3		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2022-09-23 -
2023-10-24		 a year crt.sh
*.cdn.bluebillywig.com
Amazon RSA 2048 M02		 2023-02-25 -
2024-03-26		 a year crt.sh
delivery.contextads.live
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
i2.mixadvert.com
R3		 2023-04-05 -
2023-07-04		 3 months crt.sh
mixadvert.com
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2023-02-28 -
2024-03-28		 a year crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2022-04-30 -
2023-05-31		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-26 -
2023-07-25		 3 months crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2022-11-15 -
2023-12-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-04 -
2023-05-05		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
stream.jixie.media
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-03-27 -
2023-09-27		 6 months crt.sh
adbro.me
GTS CA 1P5		 2023-04-18 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-03-11 -
2024-04-08		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.treasuredata.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-09-16		 7 months crt.sh
secure-ds.serving-sys.com
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
*.portal.o2online.de
R3		 2023-03-26 -
2023-06-24		 3 months crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-05-08		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh

This page contains 96 frames:

Primary Page: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Frame ID: B6EC88812BB9BA75E6016D481602D16A
Requests: 302 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 2CFE1094C4DDD1F6D3CB255850B75AFD
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=health.grid.id
Frame ID: 391F1DA56B26D1026BA65461C1A70491
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fhealth.grid.id
Frame ID: DA1D7901FF59485A461E8055B791F040
Requests: 2 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0ECC02FCF7836C19DC8F5E7E7AEB36D8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 16196818EC2C89241513FCC12CEA2F67
Requests: 5 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1682689537692583098913
Frame ID: 68FBDCE4B7C056880DFDD3DEC0A2A55D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 695581885D059A8AF9DF31D3CD10B87B
Requests: 16 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FBF177EF69AB1601AFEB2C397486AB7
Requests: 22 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 69F49FCE09CE63E7FDE28FBE17A927FD
Requests: 36 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9gZyqPG2yvoWC1-4FvebMoLQDf9UggTT_r0XMjlpvJzWf9kfaOZ_XfPKNqsMvDoo-Z1UOzK5ExShNHGeEGpsvqVa-fMg2hexIizDOJX86K5Vf6COKOvTIpXFPx57oqi6gJJCupPXDjFdkq7eOi7iGI8PMydsetZD1KxClusxJXVRDU2dzPgX9W5KbWfe3zBgeaokjNIq5IsvimBja3tKUCgnQwLtUUx00p2v6t3Vtr5ciHbdmH5qpCm-hSOdLzgzBe5q-jyvArwpDYZemfy1NOU4B6ZIu5OhuwZxJutXA-T1Kqy7RBZ0Ch1Q1_Q4v&sai=AMfl-YT6oJyw9rJUlebyAoMoIksHBxohGxKnGS8Nal_89enlaiJQeFzEgr3r2RJekepMMniwE-fEiPnHeU_sMsB1xZe_C069TGHyY7uQWxKgGiNNTL_bAJ1Iyl2WMamAJKbGEg&sig=Cg0ArKJSzMwH4VlQaOxVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB45739A90E582373514123FFA247483
Requests: 12 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC52172B9DD47318364EEEE21F2949BB
Requests: 23 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E0D5E049FD3503526032833D26DAC6E
Requests: 22 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D0153351659D707810D7716E0F25654
Requests: 22 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A86450E6F7BC49FFC8253CC40DAB2661
Requests: 21 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: D2ECF277F6328D8D01D375AFED58AA05
Requests: 2 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F44E802F99E340E2C9594640E880E1E5
Requests: 5 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: 9DF06DE7776E36D9B1F2407508F63750
Requests: 3 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: AD62B36DDE5CE867F152DCCA94BB634F
Requests: 3 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: D983395F50CE7E4DCD1FF8E835E1539B
Requests: 3 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6050CC6C659C9244E52FB3315CD94CC2
Requests: 20 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D02FD1FB7315857C5CF69A0A68A428D
Requests: 20 HTTP requests in this frame

Frame: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 58E0CC362080E98DA35BA80947F93F27
Requests: 20 HTTP requests in this frame

Frame: https://ads.grid.id/OSM/osm-desktop-grid.html
Frame ID: 0A3B2E777AC9F51914229B1027025F19
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Frame ID: 2EF47A408CFFB80142731DB6DFFA6D49
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Frame ID: F643585F323CFABA1975E8EB67B50772
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Frame ID: 0E3FE85D61D246ED6A392F2BC223F0FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Frame ID: 1E25A147419331E95824A483F3D1D066
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Frame ID: A9DBAB4CC3AAE393220E83565805B53B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Frame ID: CCC6CBD8EFBDCC2F202F7A667209BE62
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 75830362BBDD76B39C9259B7CCE75847
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Frame ID: DC94F37B12EA07C8DB2B3CB2161065F8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Frame ID: 45BF7169E684529E004A24EFF05DAC59
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Frame ID: 80F9628ADC6B16AF3EA946EBEB68A0C1
Requests: 5 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&gdpr=0&gdpr_consent=
Frame ID: B4B0F86E23ABA7DE566235A7DFA8549C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924902158651
Frame ID: 9C0CE21F9F19E20D888D9840996C1336
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 037BA26F90E1EAD33599DC69802C4AD4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2592218978760150537
Frame ID: 868A10F5509F98F69B2B151F12EEE200
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
Frame ID: BE1A8CF635A6AC074E7065C226E91C5C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 287A846487B0BCDA7CA5F46D410A82DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1964985283929887858&gdpr=0&gdpr_consent=
Frame ID: FF621D2B53EFCF72683A16C6109C4DAB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7227096539328018578&gdpr=0&gdpr_consent=
Frame ID: 1CABA9290D9DB5E75C835B8741EF9987
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zKtlTCigX41X3G8JA6eoELnVm6Y&gdpr=0&gdpr_consent=
Frame ID: AE07098EF8A454518CCA8F41CA21C06A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHNNE7Il5wAACITZ2EkhQ&gdpr=0&gdpr_consent=
Frame ID: E29BCF378ADDFFA401315C313D99ADDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 40031EE1A2442E4C3F07B67D37E27E90
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 21EF54201B8A533EF189FDE59243F047
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FAE628D518AB4C7C96F458E9E4A95D67
Requests: 10 HTTP requests in this frame

Frame: https://7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A50C7E19C0917F3A6A1524EADE7473D4
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Frame ID: 229250F49B04FB9398BAC3E291F73722
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Frame ID: FD84138BC759342D4C288FCCDA3DCBB1
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Frame ID: F099A4B923EF4E5F27C035D71297ECBD
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Frame ID: BB1DF4ADF467C03491FF51999AF88F7A
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Frame ID: 807F0F2B353AAF72BA727A23FA9787C0
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 823D5AACC7ACDCED72B7A8A7F8CBF757
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BA1E80892D85A023CE8EBD70749FE78E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Frame ID: 3A4BD90A6066A21A17E5E21C2BF92212
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Frame ID: D82FBA1C3BE2ACEE9A2421332AB47DC0
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucxGNtl6-wv0IAkLyOsa9MovDVasxw1iREzOfhEjI5rgNVHk-_si_SedMSGwcW0AQOzCix2vXss3HJ8oUfKM9iKx1aQY7c7CtTL-wM0KLrkHa6yNyQDc72WPZqmL_JgTpTWWYxZ0o-4-dXcsF9DutJadEmduqFeKhnRLCF5nDngR6y42ETagEq_ivm66n0UH7LksPDngDMA2a54iHoVxV-aOsiQIpZBUkvu23700DoK8yHRYaHMi6RD2VKpa-swto4C6RuXAG8qKHMpTGZvNB2-xDBaSPW3Gw5RGm-vJu0sqXYNBUkA8vKntms2Zpdalg&sai=AMfl-YSp7YSrDs4p8BR5eJaqjAubgNoU3Rn3Dus5g4gk4jLXRfRDiHVQbA4zxHvP--C7cR4SsYhXAk-Kywof2u6_qm7tjeagGvCu8YWfmXlp2KnUb296n7XmwogxO6nNQQ&sig=Cg0ArKJSzIJNTz8bwXnHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7AA7DACEE7C6F2B0C431859809E8CBA5
Requests: 23 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 6EA4462ED2DD4FB007D806048385D5F3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B675F73DD1A964E1D2F1C63566ED111
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09C7B00178AB08F0C7B19098B3B9EF2A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6EEB9D888DB612271DEA0C097CFD6BA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B751F2A4833638DE4D95F235A89A3BEE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C359B3ADBEABC3CAE68398E827FBF745
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1D23DA660364428F8DCA7694098F13C9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 16AAD215A4B9DF8FE2ED83C341F8C9CD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CFC82DCED4662AA13165D673270E661C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Frame ID: E16A38D7B9AF9C666C6FF6721A626DDE
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4FCE995CA3815725873601397B6ACDD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 4CF4D2FF2A6E357150EDF3B5513070D5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 52B5BD3AEC18D0389E43A4268A2DAFC2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7900F0859374AD2EB845688E682F4F90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 077F68B3AA920EB853989E9DE30A0089
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 931238480C58530ECDB3724356C0F4DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: DE9833BBFE9F2B53377691965B534112
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: D0323E9A07DBCA6093ED210FBA75BFCE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 444B365B114BD0A40416FACD8691C323
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FD7B725593D109A3663A916EEFB0D940
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 001CE1218D0054B8E5EB792AA95960A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C3B9742BFA6EC57CA568A029E6CA15C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Frame ID: 13AA5B16E270E6D514DCB4397D9FD5FC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZEvOCAAAAIAhzQBL&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL
Frame ID: D58C9AE67A9950D42BD214B1DC302395
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 221379EC0E924D57145CD2AE262A346E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 37E0CAC1691706DA954FD09D2F657C69
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 13D84FF231C9C4787934B9696E4A7FFF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C9D28E78484B76E220E64324079F4371
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B0936D4E856278B8B272AE682EF4916E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Frame ID: D7C86320957FAB066605C8841E645276
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
Frame ID: 3FBE05004030BEE9F2D43FBFDB790B6B
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 53042CC6BCBE4B2C2D525E3AABEFA953
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=11vkjsanzv4s
Frame ID: 7ACD11156F6505D08D52C406E24D73FF
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 029C4832936879A7200C7919370F5ACF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DF31C5C881104EA6AF30C730DE515B7C&gdpr=0&gdpr_consent=
Frame ID: 33EA02984A85A6B55F29C7BFA307A0AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: F923356FF35CF3CC526FDE6DB9C4DA3A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 10FE562E2EF739F0C86F016A8F887B70
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1682689546644663407703
Frame ID: 64336E38043750A532786EB44F4C38AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dapat Telepon untuk Cek Status Vaksinasi Covid-19? Kemenkes Minta Masyarakat Waspada Penipuan: 'Mohon Diabaikan!' - Grid Health

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

850
Requests

92 %
HTTPS

35 %
IPv6

92
Domains

184
Subdomains

138
IPs

18
Countries

13306 kB
Transfer

27848 kB
Size

128
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js HTTP 302
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Flogin%2F%3Fnext%3Dhttps%253A%252F%252Fwww.instagram.com%252Fembed.js%26__coig_login%3D1
Request Chain 131
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=DKDJGy4EDKytspToAc5LZA
Request Chain 228
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=grid.id&sn=ChromeSyncframe&so=0&topUrl=health.grid.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mjnNH3xYdVJLWjFUaW9ZS0VBd3M4bCthOWlwNFFnczNaa3Z3MHFCaU14TDZEN1ZSUXl6RUkvQjhGSlhkckV5UHJIMUhPeitVRmptZUlIN0QxbWI1RlNkYlpBNDR0bjNhaHJVWnhBY3EvSlhBMFoxcHlKQkVkS21PVm43cWRhOGRmczNScUwxbTF6NHlpR1NsWDl5bTdrM0FkRGRjWHlhSm4vV1FkWWtXWVQ5VEdtWWZ0dHhGUk1mYzZUcENBR1drekhjem5aTzZKQmVBc3M5WmVJZm9JVXB5aHJtZUU5S1NNaEk5L3RheHY5WWlPd05lNXJ6bTArSWM3eWE2akhPNnJlV3BjMGhpN1JRbmFEZTJGSUZaVUw0Skh4dz09fA&cppv=2
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&gdpr=0&gdpr_consent=
Request Chain 381
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924902158651
Request Chain 382
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 383
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2592218978760150537
Request Chain 384
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
Request Chain 385
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 386
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1964985283929887858&gdpr=0&gdpr_consent=
Request Chain 387
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7227096539328018578&gdpr=0&gdpr_consent=
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zKtlTCigX41X3G8JA6eoELnVm6Y&gdpr=0&gdpr_consent=
Request Chain 389
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFITk5FN0lsNXdBQUNJVFoyRWtoUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHNNE7Il5wAACITZ2EkhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHNNE7Il5wAACITZ2EkhQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHNNE7Il5wAACITZ2EkhQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=9108829653269371145&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHNNE7Il5wAACITZ2EkhQ&gdpr=0&gdpr_consent=
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l_-Co6w_Rme1luVM9s3LzQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 392
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4117176533 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
Request Chain 393
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjRpVmRMRDlUY0RUOXllbjAwQmJpdUdrZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTdGRjgyQTMtQUMzRi00NjY3LUI1OTYtRTU0Q0Y2Q0RDQkNE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENAcRXxeBaq0a0alHZKSsbg&google_cver=1
Request Chain 397
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3752914814332197283
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cnqoF_RE2uW4.9FKQ_dan5KF6HC3vwc-~A&gdpr=0
Request Chain 401
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e616cc88-289f-47ae-8ad7-41f6bb07ae17&ssp=pubmatic&expires=30&user_group=5&bsw_param=293c98d6-19f7-4952-9174-80bcb6249ac2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 411
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 412
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 414
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 416
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 418
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 420
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 422
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 424
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 426
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 428
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 430
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 432
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 434
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 436
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 438
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Request Chain 440
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Request Chain 442
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyOL61UUuQAfdWRZX7VIOA&google_cver=1
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECipZo41pE2YsFfXUbTP_Rw&google_cver=1
Request Chain 534
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 577
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9087829175746998613&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1964985283929887858 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 580
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450353&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Request Chain 632
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENdfvPgHYTm07XCRu0bDBDo&google_cver=1
Request Chain 635
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZGNBXqE2Xe8rpmmbgB-mZsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n6orT15E2oLrja7.lkytUHKQLdjupYXaOwvuPQ--~A
Request Chain 636
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5JrIR0XCSM-ieQFdBPlypQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5JrIR0XCSM-ieQFdBPlypQ
Request Chain 637
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH0LWJ2U-1Y-87X2
Request Chain 638
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgwTFdKMlUtMVktODdYMg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBu6OHr06CJRzen2OCAo9P4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgwTFdKMlUtMVktODdYMg==&google_push=
Request Chain 639
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjYyNTM0NGNjNzMzZDFjOWI3NGVlZjM5NWYwZDZjZGE5MTU1ODcyYw
Request Chain 780
  • https://gcdn.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/1FB7C9CD400FFF752DCE268ED102DBF68A49D505.6A736FE8582D49B39320AD0E942C76E19D6A5E5A/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hne6ns6.c.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/7DE966EB46B58CEAD3BA1A6F39F6F20E42284890.0148344A72CC1F7BFCE5E7B3986941019FD348CE/key/cms1/cms_redirect/yes/mh/KK/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hne6ns6/ms/onc/mt/1682689267/mv/m/mvi/2/pl/48/file/file.mp4
Request Chain 784
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZEvOCAAAAIAhzQBL&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL
Request Chain 786
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 788
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 790
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Request Chain 791
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1682689543998 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4407900508 HTTP 302
  • https://sync.1rx.io/usersync/turn/9087829175746998613?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
Request Chain 793
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=11vkjsanzv4s
Request Chain 795
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DF31C5C881104EA6AF30C730DE515B7C&gdpr=0&gdpr_consent=
Request Chain 797
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 798
  • https://pixel.onaudience.com/?partner=214&mapped=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=92fd7994ac04986c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52efd2444552&zcluid=92fd7994ac04986c&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAjYVDUPZwp1jUNVCjHuSEc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52efd2444552&zcluid=92fd7994ac04986c&zdid=1332
Request Chain 799
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8abdb40c-b837-40dd-9aad-8891c4bd778f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 812
  • https://image8.pubmatic.com/AdServer/ImgSync?&fp=1&mpc=10&p=156479&gdpr=0&gdpr_consent=&pmc=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fpmc%3D-1%26partnerID%3D156479%26partnerUID%3D%28null%29 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156479&partnerUID=%28null%29&pmc=-1

850 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
health.grid.id/read/352900082/ 		123 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-108.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
acc8668870ce4533ac70038bbf44aaaa7b91be2ad4eaef00bcab8643aa5f9e6f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 13:45:33 GMT
server
nginx
vary
Accept-Encoding
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id
7nyNCFoD7kDPpa-sfNzxOXMaVCSXDN8UOzCI4wawC5dpl7BvE2V_BA==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-robots-tag
index, follow
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
960e40684728fea2e042004e990e2e95bc8222eda7c4d559f0a73bf3fff7b9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24874
x-xss-protection
0
server
cafe
etag
369 / 19475 / 31074164 / config-hash: 15614866056795520360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:34 GMT
css
fonts.googleapis.com/ 		4 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:wght@400|Roboto:300;i&display=swap
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eceab14afb6511a91b9918fdcd008cfff68609a27d9d43bcd932ef8f56ad3f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:45:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:34 GMT
brand-parapuan.min.css
asset-a.grid.id/new_css/grid/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_css/grid/brand-parapuan.min.css
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
025e1ffaf2b42d0fda6a591b2f5ec81ecc1dd0d16aa1b529a691e4382f970db2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:24:44 GMT
x-amz-version-id
NQiVavm0_kpOT_Dhv8aAsTFy2biOEV4i
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 09:10:09 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
2618449
etag
"068757f874521bf5841b228e46491556"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1537
x-amz-cf-id
IosCCW-w6HpEyJHP_s3DhVaEQtH1moMXQFFtsH63ezyRKfOa1QwMTA==
expires
Thu, 28 Mar 2024 06:24:44 GMT
desktop-gridhealth-V3.css
asset-a.grid.id/new_css/health/ 		101 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_css/health/desktop-gridhealth-V3.css?v=qKPUwFRV
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b0d4153897be61e843baba4be43231cae1586f95537da54a7ff680171f3eeb79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:45:41 GMT
x-amz-version-id
._jj1jF5OYY3iusJF0DoVoXzC7de7FFY
content-encoding
gzip
last-modified
Fri, 15 Jul 2022 03:37:58 GMT
server
nginx
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"ed7d5f3c321417648087efb72bf501e5"
age
7905592
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
smj4uXmnNYPfJVuPEJKomGZIDNY2Ycr1fo1HU4iTrRZCDLoYQWBIwg==
expires
Sat, 27 Jan 2024 01:45:41 GMT
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:33 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17b8b"
vary
Accept-Encoding
x-hw
1682689533.dop202.am5.t,1682689533.cds286.am5.hn,1682689533.cds302.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
css
fonts.googleapis.com/ 		14 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4040e04124ea531dfc072f90d959d12dfaff5622d9adc404c8f4469d7499caa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:45:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:34 GMT
jxpublisher_3_1.min.js
scripts.jixie.media/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.23 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
3c5182993905dd1648e5b0267bef0a3d687da782dd1966440aaf11f2b20cd663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-amz-version-id
8LJqvNmPRyaZq7Z2b_ROAXcgTWslOo3W
via
EA-SGP-EDGE1-CACHE1[6],EA-SGP-EDGE1-CACHE8[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE16[2],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
44VGPXRT9H1Y41V7
age
2025478
x-amz-server-side-encryption
AES256
x-amz-id-2
qzHSBXNPgqr1Jr48ceQh2/2VvUNzRYjr93nMiRbrfCicF4J8zta3XA/opfzAoWSyA/UQ3x+j10Y=
last-modified
Wed, 05 Apr 2023 03:07:37 GMT
server
openresty
etag
W/"34080c210a7f32ecd36db6aff69175cf"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-hcs-proxy-type
1
grid.id_desktop
delivery.r2b2.io/hb/kompasGramedia/ 		360 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
37e13d8e286e8ea7f782b3484247ae4398612f0e2ce7ad7b26d3ae7d2ac55116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
257
x-accel-date
1682689277
content-length
100420
x-77-nzt
AZySIRkSOJP/AQEAAA
x-accel-expires
@1682691077
adt-powered-by
slim
server
CDN77-Turbo
etag
4ee13ea947e1bed8fd6f17386bfafa64
x-77-nzt-ray
cf8787272edee423fecd4b64076c2507
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
grid-gridoto-prebid7.31.0.js
ads.grid.id/PREBIDJS.JS/2023/ 		382 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.169.4 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf4db2f8f53ab2893d0c6da9df4b76b4246c23857c74417be7a63d595107a3ff
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
last-modified
Wed, 08 Mar 2023 08:52:56 GMT
server
nginx
etag
W/"64084ce8-5f7de"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800
x-robots-tag
index, follow
x-xss-protection
1; mode=block
expires
Fri, 05 May 2023 13:45:34 GMT
pickwords.css
ads.grid.id/CSS/ 		1 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/CSS/pickwords.css
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.169.4 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d7376eec3075bfa1b4fe198e724885772b1d803c0a64cba9c91187e768d86731
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
last-modified
Sat, 06 Jun 2020 16:57:11 GMT
server
nginx
etag
W/"5edbcae7-4a9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-robots-tag
index, follow
x-xss-protection
1; mode=block
expires
Fri, 05 May 2023 13:45:34 GMT
pickwordsgriddesk2.js
ads.grid.id/JS/pickword/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/JS/pickword/pickwordsgriddesk2.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.169.4 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96b73c29c11ee46cca42ab7876d1ab3b78f5b13c0179c8f3f8006d543505cbf1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
last-modified
Sat, 06 Jun 2020 16:57:13 GMT
server
nginx
etag
W/"5edbcae9-16e6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800
x-robots-tag
index, follow
x-xss-protection
1; mode=block
expires
Fri, 05 May 2023 13:45:34 GMT
vcbl_grid_always_float.js
pubmatic.mainroll.com/a/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pubmatic.mainroll.com/a/vcbl_grid_always_float.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
bc74a7bde782e5d864fa129b87e19780da625271b030ca5dd40b51d98659edf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:44:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
67
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9750
x-ovp-host
vms-prod-frontend-spot-10-1-17-123
server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=90
x-amz-cf-id
zMoNsudPSooBBf9l5r5h-iu3ZqxzrWY3zZCJotrLamc5K6xFmnydnw==
expires
Fri, 28 Apr 2023 13:45:56 GMT
jxosm.1.0.min.js
scripts.jixie.media/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxosm.1.0.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.23 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
d172ecc86c494ee8e8de8cd7e5db84f0689183174e6546d57e8d73984ea47c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-amz-version-id
AakEvRD0xMB5BIONFftT_fOykmXNKcXW
via
EA-SGP-EDGE1-CACHE1[4],EA-SGP-EDGE1-CACHE5[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE29[4],EA-SGP-GLOBAL1-CACHE21[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
HH2VFWP86QZZMCGX
age
1214132
x-amz-server-side-encryption
AES256
x-amz-id-2
FX7ByGpFMRiRyAUCKoANIOT2SYhioll2qI9s1m+6WKkBJF2v6BQuLA59TApl2R/hZow7MHATIo8=
last-modified
Fri, 14 Apr 2023 12:12:17 GMT
server
openresty
etag
W/"42727cc0f607a4e8a7ba5e5732f68e80"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-hcs-proxy-type
1
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
395935b2ed248df7eaaf8f85235c19773885984df8165df1acc0efd3e39c5ee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:42:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:34 GMT
grid.id.1323625.js
jsc.mgid.com/g/r/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/r/grid.id.1323625.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9bdc03b02fb2ee9cda29955b68b5b11c670c612d868260738cedc2270996117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
x-amz-version-id
cgadhKwpr3mZYtTIAsHsQMSdBhqALgUC
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
86CEMDK6NGZRY8X2
age
2513
cf-polished
origSize=2676
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
SfQA3gTJf2T76HeTbGwU8k0yGliQIPRabxXO88q2FQZNMnqKd4Fqr6ePuJPka9so5e0A4bp+TDA=
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:40:50 GMT
server
cloudflare
etag
W/"7e348f7a81be01ff24c54cd1678de125"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7befbf144d3535fa-FRA
expires
Fri, 28 Apr 2023 16:45:34 GMT
/
m1.mixadvert.com/show/load/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m1.mixadvert.com/show/load/?id=9495
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.33.191 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
m1.mixadvert.com
Software
nginx/1.23.2 / PHP/7.2.24
Resource Hash
f72b717dfeb18b0e513c0ca4dabb1cca150a35029e0fe0ccca1524beace1b696
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
strict-transport-security
max-age=15768000, max-age=15768000
content-encoding
gzip
server
nginx/1.23.2
x-powered-by
PHP/7.2.24
content-type
text/html; charset=utf-8
outbrain.js
widgets.outbrain.com/ 		198 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5cf3f1ff3b9e68a6faec8abff814b05d2e09059b86b6242a8675dffa3cb78916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 14:00:36 GMT
etag
"23-y/Afe/UmmwoTc8cU9i44UMu+0Y8"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
e69d1664875ce72925b01f8e12fbfadd
timing-allow-origin
*, *
content-length
72576
access-control-request-headers
X-OB-STG,X-OB-PRD
style-videokgplayer-desktop.css
asset-a.grid.id/new_css/grid/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_css/grid/style-videokgplayer-desktop.css?v=Zbh95SHw
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
89af293e0529e75638ccd0b9f20854277f4768694c99578cad533545e00f1633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 07:19:07 GMT
x-amz-version-id
LP.bYC3oaz.vnrrBBgXjGtze1fM6B2Px
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2096786
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8214
last-modified
Tue, 07 Mar 2023 03:54:20 GMT
server
nginx
etag
"2fe1b0205e0352df6f73f75322450ed5"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cCqgFopc92cf5WBtl7NQRPsGMXYPPyib3wXP9RYPvmJdcv89HUgdBw==
expires
Wed, 03 Apr 2024 07:19:07 GMT
slick.min.js
asset-a.grid.id/new_js/grid/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_js/grid/slick.min.js?v=xJteoMFq
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
339e892881c7d1e89172dc6c2e16ae37bfeb3b49b25e6dab581c50ed38132321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:11:00 GMT
x-amz-version-id
faAJ2Vdy_Wy78G.BgQYNO.U37IbPqboV
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Fri, 09 Apr 2021 03:54:46 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
3044073
etag
"320f5a85d571b77509aabf0835ebe0f5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
41676
x-amz-cf-id
l75EFyU2x648CsXV3L3Em-dVNSmgT0aqmJm0Uod9m_-4HlddOh0Lpg==
expires
Sat, 23 Mar 2024 08:11:00 GMT
jxvideo.3.1.min.js
scripts.jixie.media/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxvideo.3.1.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.23 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
888e5fbb6c02233e7945443cd860a12f41246737fe10bca49e067f2001862aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-amz-version-id
.rhwov9xOHBr33nif53.lClOwoRmVtJX
via
EA-SGP-EDGE1-CACHE1[1],EA-SGP-EDGE1-CACHE2[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE17[2],EA-SGP-GLOBAL1-CACHE23[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
161ZHEB6ATVXPX2V
age
25480
x-amz-server-side-encryption
AES256
x-amz-id-2
Nr4q/qUbeLlJfd3Quwk+53VRcUofZPxhGRKaJpqP6v5b8aMap04IvyYhVzx36ITCpLHhhdYeiYE=
last-modified
Fri, 28 Apr 2023 06:37:05 GMT
server
openresty
etag
W/"c68598e35cbb3f91b659cbeba47dd781"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-hcs-proxy-type
1
sosmed_share.min.js
asset-a.grid.id/js/ 		520 B
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/sosmed_share.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
9be08c21a7272ad196c40d5456f0032c89f4e8371849f1f6b0389c78f270bc27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 23:08:14 GMT
x-amz-version-id
null
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Tue, 18 Dec 2018 07:36:41 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
2385439
etag
"16f39a196c3a16f306411daea582327d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
520
x-amz-cf-id
uhu_JUWWskdnO-Wb86jQx7YmK-HeXDrgQcI0kxGr4a_3Aac45tLUbA==
expires
Sat, 30 Mar 2024 23:08:14 GMT
/
www.instagram.com/accounts/login/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Flogin%2F%3Fnext%3Dhttps%253A%252F%252Fwww.instagram.com%252Fembed.js%26__coig_login%3D1
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Flogin%2F%3Fnext%3Dhttps%253A%252F%252Fwww.instagram.com%252Fembed.js%26__coig_login%3D1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Server
2a03:2880:f276:e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=15552000
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-debug
s3Y+Mz0OjJunWPJGoSipIk3WO7ijzv1Mxx8ZhhOUUBay8AumojaNAI0Oo2UP2EZR0zU7fUgKYRGdzx7mOvA34w==
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 28 Apr 2023 13:45:34 GMT
vary
Sec-Fetch-Site, Sec-Fetch-Mode
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/html; charset="utf-8"
location
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Flogin%2F%3Fnext%3Dhttps%253A%252F%252Fwww.instagram.com%252Fembed.js%26__coig_login%3D1
origin-agent-cluster
?0
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:33 GMT
Content-Encoding
gzip
Age
504
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67C1)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
lozad.min.js
asset-a.grid.id/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/lozad.min.js?=v1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
9529b0a64a297463ef67485e060c33abd87638cb8a07771b50d7766afb0752ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 00:51:52 GMT
x-amz-version-id
DMOXcCPAHJmSaiGoB4JFhbjAT.COxe1x
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 09:19:38 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
2292821
etag
"b00705116cab67ce2dc48244fcdb9a9f"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2203
x-amz-cf-id
8dEsFkr_unuOWzdKn3KOCEk_pMc11kJqnLMfk7eqDTbArlPCJq6Avw==
expires
Mon, 01 Apr 2024 00:51:52 GMT
general.js
asset-a.grid.id/js/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/general.js?=v1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0cd99ca2bfb922fb3c52fa43f406bc0e1412628943e6c216c5f002dc4a50e852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 04:24:32 GMT
x-amz-version-id
8Wp.zWz_aNBDeq9M8ZPYIZOtT7hOoGnZ
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 04:58:02 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
2020862
etag
"dd75553394fb9ecbdf5e2a3ca5f68587"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
949
x-amz-cf-id
LJOmIGPp7KQWtL2nlrL3hn183e0zUcucD_UU2zQRP9JfGrJMTwbZDA==
expires
Thu, 04 Apr 2024 04:24:32 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 17:46:45 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
506468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 17:04:26 GMT
grid.js
stgrid.kompas.com/kgnotif/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stgrid.kompas.com/kgnotif/grid.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-47.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 02:41:41 GMT
x-amz-version-id
W2CwcLzOL_OJd6Yw3VB97tj0aeunI7Cu
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2286232
x-cache
Hit from cloudfront
content-length
3685
last-modified
Thu, 17 Dec 2020 08:09:15 GMT
server
nginx
etag
"e920a7927585b8b2b81444732670719e"
access-control-allow-methods
GET, OPTION
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qtDJYZudRmsSgQVmy7tbjtOW6qQoSqQbJTue2T_SGSiFrXVL8WuY7g==
expires
Mon, 01 Apr 2024 02:41:41 GMT
sso_g_signin_v2.min.js
asset-a.grid.id/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/sso_g_signin_v2.min.js?v=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
656136cf92d62284887324cf2f49d5fcc708d9d63750670d9bf17c58654561c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 09:47:01 GMT
x-amz-version-id
3_BgZYlueXiDhHcBuukL8e7sQKJVkPRk
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2865513
x-amz-meta-origin-date-iso8601
2021-01-22T04:04:52.649Z
x-cache
Hit from cloudfront
content-length
2600
last-modified
Fri, 22 Jan 2021 04:05:13 GMT
server
nginx
etag
"d114e05a70a6a17684fa41c4a8a8076e"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z3BdbAnuLnIgCItY9SkNRyttkK37GebtqVKDbmq7d5lS4oUjJoP2kQ==
expires
Mon, 25 Mar 2024 09:47:01 GMT
getcookie_sso.min.js
asset-a.grid.id/js/ 		530 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/getcookie_sso.min.js?v=7
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2a9e0440f6d7e307945f9fc5e65871f45d2c006574f93959e7aede47e763ec91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:00:43 GMT
x-amz-version-id
yJmO9vMCYAZTjG2biRuqAxhaOa5CThZg
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Nov 2020 06:43:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
996290
etag
"088780284be9dd502f8fc9b8bdc91dfe"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
530
x-amz-cf-id
zauu_o-oIVxw1FpkEB_ubNbPXxrvkq4niBuure5sZwvCVILNbgyhbQ==
expires
Tue, 16 Apr 2024 01:00:43 GMT
loader.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:8::c16c:9913 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1602601758af40201d0d28cb6883ce194bced6247eb561015371451f27599340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:33 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
LHR61-P2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
3514
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 23 Mar 2023 11:46:01 GMT
Server
AmazonS3
ETag
W/"efbd82b9026d9ee2fd69775375810820"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
VdGtRG6vpRAGDGTnIcz3cxD5xnx-fxTLFx3SwVBCYZclhb0jILlSaQ==
extender.min.js
asset.kompas.com/data/2021/sso/js/ 		1000 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-86.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Tue, 02 Apr 2024 00:44:39 GMT
date
Mon, 03 Apr 2023 00:44:39 GMT
x-amz-version-id
MOZ46XzJdcFn1e02WvQVITzvQ0X1BXOD
content-encoding
gzip
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2206854
x-amz-meta-sha256
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 22:43:02 GMT
server
nginx
etag
W/"826a4aaed58c0b038c78fad576e7b0d4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
UbygAmLAXZRrYh2rMgIW8Jro7Oroi-xde9KCrcHvNDVu7BUlv2wVKg==
x-amz-meta-s3b-last-modified
20220921T224110Z
ssouser.min.js
asset.kompas.com/data/2022/sso/js/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2022/sso/js/ssouser.min.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-86.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
2100750f756ddf0f30671e283e36ac283c3428bd9ce6720b8b40f25810816267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:10:17 GMT
x-amz-version-id
MNyBrPSeBAlUVRm9jjmzx.P6mZ_u8RXM
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1481716
x-cache
Hit from cloudfront
content-length
829
last-modified
Mon, 07 Nov 2022 05:52:01 GMT
server
nginx
etag
"a89c96472d1a207e8683acf391fbfe2d"
access-control-allow-methods
GET, OPTION
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9KQqkiUBikT_06ZRO1c0PfyC9eiF9d0WX-1xQdQ9WY8q0eqR05pVjQ==
expires
Wed, 10 Apr 2024 10:10:17 GMT
gtm.js
www.googletagmanager.com/ 		252 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f498acfab40dc89548d6e8038f9ea963b962f3175759662722af93db4ba164c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79632
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Apr 2023 13:45:34 GMT
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e4c3f81037f03d7851d0dc5bdc30906d542303fad118bd695131a6bd1116dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		453 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
267854b1083c97899a2c8cfdb8fa73ce3d3ce304d04145f330654c6a94038ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		867 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
795c86ca9140f5ab15efd64e171c82cfbd4306cbac92d9a8d766830ab8587ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
014d7fe9e37fd7ea12010975a66e9c6c40bcc0f2e1f281af694d72980e42bd23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6bab38dd771d4056ff9339cfec9c45abd47461ab2d930e4c165199e0438dfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a68fef4ce7cd0b5e860e4cd6fac6468cc45feab3d42049542222923fa0a38775

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aae336abd5e6ee1d571aaea262b90f26d91e96e32ecb026127b283c48e5c4907

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://health.grid.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400
date
Fri, 28 Apr 2023 13:45:34 GMT
expires
Sat, 29 Apr 2023 13:45:34 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
publishertag.standalone.js
static.criteo.net/js/ld/ 		93 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/javascript

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-17514"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Apr 2023 13:45:34 GMT
pixel.gif
static.criteo.net/images/ 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 22 Apr 2024 13:45:34 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:55:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
6605
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126484
x-xss-protection
0
server
cafe
etag
2690975471868618065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 27 Apr 2024 11:55:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		75 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=health.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d1846ac6379fa24aa003e1aeaa072991a79378b02e2b7a0f4537cddfd6ef57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:34 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Apr 2023 12:32:18 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4396
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 28 Apr 2023 14:32:18 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5e13b65aa8de4d3bb4345180f34c13d57def9fca43c909bbc85ce526248b335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79791
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 28 Apr 2023 13:45:34 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78713fe18c2a237a284fd105b196cd0ac198e0add10448c4d09dcca779e6a21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 28 Apr 2023 13:45:34 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-44BZGBH5PG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce99e1ef0a8b095b8493b6a5ead79bfcbf298b90d9f087eb6e53dab34041cd08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81162
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 28 Apr 2023 13:45:34 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1682689534386&ns_c=UTF-8&c8=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&c7=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&c9=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-125.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
wHlTpA3oOzbv8U3eAMFGfX-6N8WrUtpnR1VwB0u0PJo73Ojci0s4-A==
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-19394023-9&cid=48352262.1682689534&jid=1119061951&gjid=678469448&_gid=1569870539.1682689534&_u=YGBAgEABAAAAAEAEK~&z=1324354120
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1322728739&t=pageview&_s=1&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&ul=en-us&de=UTF-8&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAEK~&jid=1119061951&gjid=678469448&cid=48352262.1682689534&tid=UA-19394023-9&_gid=1569870539.1682689534&gtm=45He34q0n81526569C&cd1=Health%20Update&cd2=Health%20News%20Today&cd3=&cd4=Nikita%20Yulia%20Ferdiaz&cd5=Gazali%20Solahuddin&cd6=&cd7=Standard&cd8=2021-09-20%2014%3A30%3A00&cd9=&cd10=332&cd11=telepon%2C%20kemenkes%2C%20penipuan%2C%20waspada%2C%20kementerian%20kesehatan%2C%20hoaks%2C%20vaksin%20Covid-19%2C%20vaksinasi%20Covid-19%2C%20status%20vaksinasi%20Covid-19&cd12=2900082&cd13=Grid%20Health&cd14=164&cd15=8455&cd16=&cd17=&cd18=35&cd19=892&cd23=0&cd24=2021&cd25=9&cd26=20&cd27=48352262.1682689534&z=426985399
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 08:37:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18457
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-44BZGBH5PG&gtm=45je34q0&_p=1322728739&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44BZGBH5PG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DEHFJ8M3W4&gtm=45je34q0&_p=1322728739&_gaz=1&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DEHFJ8M3W4&cid=48352262.1682689534&gtm=45je34q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DEHFJ8M3W4&cid=48352262.1682689534&gtm=45je34q0&aip=1&z=367947029
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JL4WNPXLQ8&gtm=45je34q0&_p=1322728739&_gaz=1&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=page_view&_fv=1&_ss=1&ep.ArtikellD=2900082&ep.Author=Nikita%20Yulia%20Ferdiaz&ep.AuthorID=8455&ep.Editor=Gazali%20Solahuddin&ep.EditorID=164&ep.TotalWords=332&ep.Category=Health%20Update&ep.PublishedDate=2021-09-20%2014%3A30%3A00&ep.SiteName=Grid%20Health&ep.SitelD=35&ep.ArtikelSource=&ep.SubCategory=Health%20News%20Today&ep.ArtikelTag=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementerian%20kesehatan%2Choaks%2Cvaksin%20Covid-19%2Cvaksinasi%20Covid-19%2Cstatus%20vaksinasi%20Covid-19&ep.ArtikelType=Standard&ep.ArtikelTitle=Standard&ep.Lipsus=&ep.Lipsus%20ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JL4WNPXLQ8&cid=48352262.1682689534&gtm=45je34q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JL4WNPXLQ8&cid=48352262.1682689534&gtm=45je34q0&aip=1&z=1940381867
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-19394023-9&cid=48352262.1682689534&jid=1119061951&_u=YGBAgEABAAAAAEAEK~&z=249149393
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-19394023-9&cid=48352262.1682689534&jid=1119061951&_u=YGBAgEABAAAAAEAEK~&z=249149393
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
all-grid.js
api.popin.cc/searchbox/ 		212 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/all-grid.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
4b6cf1c7c2be57da3aaf34a3fecd3c6b9002672bdc6fa4cd73100739a288c34c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
x-amz-version-id
8rVllIS.V5AEfecIwuGk2OyBOhG9Wl8Q
Content-Encoding
gzip
Last-Modified
Tue, 17 Jan 2023 11:59:49 GMT
Server
nginx
ETag
W/"bb8454192c483dbc028ce6fe70929d96"
X-Cache-Status
HIT from 10.252.55.26
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:35 GMT
os-player.js
cdn.bluebillywig.com/apps/player/20230417.111726/ 		786 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/apps/player/20230417.111726/os-player.js
Requested by
Host: pubmatic.mainroll.com
URL: https://pubmatic.mainroll.com/a/vcbl_grid_always_float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2800:16:d4d3:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a99b8eb40b91718c44d7791e97ce94d44fd07fd29b377b8a33e178f3987073a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 11:20:52 GMT
x-amz-version-id
gjrWzJCeTSS3iJ2Z8yc6IJ72RfB2goeI
content-encoding
br
x-content-type-options
nosniff
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C1
age
959083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Apr 2023 11:18:22 GMT
server
AmazonS3
etag
W/"4c23f0e5a3d2ebb21c3f98bab7d36224"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=1209600
x-amz-cf-id
WQ5GKXeHg3wW3movHcoi1YkJdv4lyILa6rp2sGvLvtIlSc-LJusEKg==
generic.js
pubs.contextads.live/kgm/grid/grid/ 		441 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pubs.contextads.live/kgm/grid/grid/generic.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fc00:a:5b2c:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa343248b191d3a84f8a769251349eea96fe41aeaf7931398f6b13e3d86ce02d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 05:14:35 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Wed, 28 Dec 2022 11:45:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30660
x-amz-server-side-encryption
AES256
etag
"5c2ef72d823d43bee0d6d2c34fda9c29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
441
x-amz-cf-id
OBYcRRYCheqjTWz_38J6YbgAJhlhA7l3XENQstDKU5YLa_ljiN4wWw==
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:41:35 GMT
x-content-type-options
nosniff
age
511439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 15:41:35 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:29:29 GMT
x-content-type-options
nosniff
age
504965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:29:29 GMT
grid.id.1323625.es6.js
jsc.mgid.com/g/r/ 		257 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5702531ed489db7b6b59902ceae31e57ef74890aedcc4d4b1abc348dd723d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
x-amz-version-id
C8bNGtBVPQseFesKreCJzJ64cfzGqOio
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
86CCZ4KFR4DB454Q
age
6594
cf-polished
origSize=263524
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
oIH9JsFWTSMTx49kjg2ETtReFRRgqZMA9o+3a913/DvIDck7icpB1qOw3YpZFJftwKBKSz9Sz/q9GDlwOdJUJA==
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:40:50 GMT
server
cloudflare
etag
W/"201131a31710433dc0ff8b34a8f7e786"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7befbf190b6735fa-FRA
expires
Fri, 28 Apr 2023 16:45:34 GMT
aGVhbHRoLmdyaWQuaWQ=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/aGVhbHRoLmdyaWQuaWQ=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:34 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=34243
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
2cc732672f48100e887be1844ec2b389
Content-Length
15
Expires
Fri, 28 Apr 2023 23:16:17 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 28 May 2023 13:45:34 GMT
date
Fri, 28 Apr 2023 13:45:34 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
38170-452842-ydNrect.jpg
i2.mixadvert.com/8174/38170/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-452842-ydNrect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
c00baa2126271ea1117a6f5efa92d019c02261d076d306c9abf134ae84c13736
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 10 Apr 2023 11:10:04 GMT
Server
nginx/1.23.2
ETag
"6433ee8c-1304e"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77902
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-452841-tD5rect.jpg
i2.mixadvert.com/8174/38170/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-452841-tD5rect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
06da785813fb88fa53aa264bdc972cff651b0ab447fea11d0bca4a2794678739
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 10 Apr 2023 11:09:17 GMT
Server
nginx/1.23.2
ETag
"6433ee5d-c2bf"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49855
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-452833-f2yrect.jpg
i2.mixadvert.com/8174/38170/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-452833-f2yrect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
19ebfb26fb44c94f1e79d680192b2f4524a1c0a6373378cd342586b4e8b2f16f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 10 Apr 2023 11:03:53 GMT
Server
nginx/1.23.2
ETag
"6433ed19-9719"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38681
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-452835-Sb1rect.jpg
i2.mixadvert.com/8174/38170/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-452835-Sb1rect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
b9097a92dc58b6cd3880cff2f7277a3c9b76684e5096054b185163eaf48293be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 10 Apr 2023 11:04:11 GMT
Server
nginx/1.23.2
ETag
"6433ed2b-b53a"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46394
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-452839-F7drect.jpg
i2.mixadvert.com/8174/38170/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-452839-F7drect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
f2143dd73b717eeb668e7a10162553dfde18d8faa3b96f30ef67f9a78c4a6f85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 10 Apr 2023 11:06:56 GMT
Server
nginx/1.23.2
ETag
"6433edd0-9429"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37929
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-447162-3EKrect.jpg
i2.mixadvert.com/8174/38170/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.mixadvert.com/8174/38170/38170-447162-3EKrect.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.50.243 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
i2.mixadvert.com
Software
nginx/1.23.2 /
Resource Hash
032f8bc8c097a8a75e34561fd18a4bfde7c48eafd5deb9584838a9a1ef8de155
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 04 Aug 2022 08:12:07 GMT
Server
nginx/1.23.2
ETag
"62eb7f57-7f55"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32597
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
mixadvert.com/resources/views/static_page/en/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/resources/views/static_page/en/img/logo.svg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
0c688d8ded0bccd109fbff45983684ba602af9a692302b75de61980c069c6cae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Sun, 04 Dec 2022 12:01:08 GMT
Server
nginx/1.12.1
ETag
"638c8c04-179d"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6045
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:11:38 GMT
x-content-type-options
nosniff
age
491636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 21:11:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
544970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:22:44 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-93462315-18&cid=48352262.1682689534&jid=1434814257&gjid=2128766873&_gid=1569870539.1682689534&_u=YGDAiEABBAQCAEAEK~&z=437483619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 28 Apr 2023 13:45:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1322728739&t=pageview&_s=1&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&ul=en-us&de=UTF-8&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAQCAEAEK~&jid=1434814257&gjid=2128766873&cid=48352262.1682689534&tid=UA-93462315-18&_gid=1569870539.1682689534&gtm=45He34q0n81526569C&cd1=Health%20Update&cd2=Health%20News%20Today&cd3=telepon%2C%20kemenkes%2C%20penipuan%2C%20waspada%2C%20kementerian%20kesehatan%2C%20hoaks%2C%20vaksin%20Covid-19%2C%20vaksinasi%20Covid-19%2C%20status%20vaksinasi%20Covid-19&cd4=Nikita%20Yulia%20Ferdiaz&cd5=Gazali%20Solahuddin&cd6=2021-09-20%2014%3A30%3A00&cd7=&cd8=Standard&cd9=&cd10=332&cd12=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&cd13=8455&cd14=2021&cd15=9&cd16=20&cd17=&cd19=0&cd23=164&cd24=telepon%2C%20kemenkes%2C%20penipuan%2C%20waspada%2C%20kementerian%20kesehatan%2C%20hoaks%2C%20vaksin%20Covid-19%2C%20vaksinasi%20Covid-19%2C%20status%20vaksinasi%20Covid-19&z=1300249483
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 21:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56915
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cads-generic.min.js
cdn.contextads.live/publishers/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contextads.live/publishers/cads-generic.min.js
Requested by
Host: pubs.contextads.live
URL: https://pubs.contextads.live/kgm/grid/grid/generic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:da00:1:420f:ab00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
630769985f89ffa7c93f5b14f2172a5d9254602532699b23e0830bfbfda9b337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 09:28:56 GMT
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 09:28:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
15402
x-amz-server-side-encryption
AES256
etag
W/"27d51dee79dec63fb755a2433e370537"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
mRi_PiuVcxqeCvzUt-vtBMaAF3jtjb1g4NcoJ5o5QfHQ3Ax5RSJBMA==
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 09:30:23 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA6-C1
age
15312
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
YmjiD_eii4CMGyDlpzj2BToCdALeEc3g6t-_Cgxq_wf1BOIVDXtgxg==
expires
Fri, 28 Apr 2023 21:30:23 GMT
ima3.js
s0.2mdn.net/instream/html5/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/html5/ima3.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20230417.111726/os-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:35 GMT
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b7c880bf198b4d549fb99802e192c551a07dd7faf9b5c1d73da6362974898044
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e4ec47ff-5073-45c0-80b8-7655223bc1ad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=98375596473
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		156 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a78bbd7192e549a2214a6f47a7594a2a580ddbe7ce53b4935c72023de6dbf717
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:35 GMT
AN-X-Request-Uuid
3b227b19-aebd-4d24-add2-cb2821be9564
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=79468614652
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cef0463aa11a4b36027f7698c218ea8f8427acb57087016c82bee242732036fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0433da50-d251-4241-8312-63d0836e119b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=92476316513
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
63d3ca66f82e13b0878a462965897746b9c39abb685fc022f1da615654ecb5f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1514221b-ffef-48c0-a9b4-52beafc1b793
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=72409915559
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		156 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
40a68e41bee33b3de01d5e366b4967bd061b5c649aca000a48d491413fdfb7c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:35 GMT
AN-X-Request-Uuid
dbf7d341-efe7-44e1-bb3c-0efdfa563dbd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=45849834812
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a26ed7e6d120d13306933dce863ec9db55532263c7ae37a29ab02dc2e41d236a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0f742ab9-901e-4fbb-8e12-7aec8a3cdcd8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		271 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=424050&zone_id=2843510&size_id=15&alt_size_ids=14%2C19%2C16%2C117&p_pos=atf&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&p_screen_res=1600x1200&rp_floor=0.09388399999999998&rp_secure=1&slots=1&rand=0.029258039524811208&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
69db46220d7044b46e129a69b0e3ad94ab0bd4ecf5e82369e969ed936c5e2618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
271
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=65950706225
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a17ebe790c0dc8c46de3a4ceb23215091877052c5b99a6a2f9cc746055326072
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee846b94-d2a2-45f8-beb8-af697fd9ceb5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=424050&zone_id=2843512&size_id=55&alt_size_ids=2&p_pos=atf&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&p_screen_res=1600x1200&rp_floor=0.09388399999999998&rp_secure=1&slots=1&rand=0.8655390555975182&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4816e7551f3c0bcaf0bf31c6af27d9197c2677eab98b4e8b8cc9414cbe5cd814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=34141280982
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa432040ba5c13d5e931c699e258f9fbbffd5276c6463e306473bbb15efc52cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
33f36fb5-40c9-4566-ac93-2ef49919a9f3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=424050&zone_id=2843514&size_id=8&alt_size_ids=5&p_pos=atf&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&p_screen_res=1600x1200&rp_floor=0.09388399999999998&rp_secure=1&slots=1&rand=0.5073523607447548&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4af86d66ea8ef25309ec95a02719bd7ec6f1dc9e36b76ba00809354844bf88f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
259
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=61261189053
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
openbid.pubmatic.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://health.grid.id
Date
Fri, 28 Apr 2023 13:45:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.228 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5a04990cb63f275870ed0a1babc05118813d72097e39c18fa7b62a38bd0f23d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Apr 2023 13:45:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
684e92c7-4142-4d55-9b14-4d1318320f02
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=424050&zone_id=2843516&size_id=8&alt_size_ids=5&p_pos=atf&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&p_screen_res=1600x1200&rp_floor=0.09388399999999998&rp_secure=1&slots=1&rand=0.402383400653318&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b533bd354791c2cca309a4777f0cd0186c5b7194bc73bec261ae9250d3e0b9d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
259
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=24784994627
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
8d416104-3375-4fc5-8d92-1846f2549f50
https://health.grid.id/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://health.grid.id/8d416104-3375-4fc5-8d92-1846f2549f50
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
c6742c97-fec1-47b5-82b6-951f2fee3751
https://health.grid.id/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://health.grid.id/c6742c97-fec1-47b5-82b6-951f2fee3751
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
stats.mainroll.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22jTR5KmA4Hx7w%22%2C%22%3C%2d%22%5D&ts=%5B1682689535104%2C1682689535105%5D&pp=%5B%22pubmatic%22%2C%22%3C%2d%22%5D&ev=%5B%22xst%22%2C%22it%22%5D&id=%5B%22AIt6fpTBiz53%22%2C%220%22%5D&et=%5B%22Session%22%2Cnull%5D&cid=%5B%220%22%2Cnull%5D&xu=%5B%22https%3A%2F%2Fhealth.grid.id%2Fre~~00~~%2F352900082%2Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan%22%2C%22%3C%2d%22%5D&xr=%5B%22%22%2C%22%3C%2d%22%5D&pt=%5B%22%5Buntitled%5D%22%2C%22%3C%2d%22%5D&aup=%5B%221%22%2C%22%3C%2d%22%5D&aum=%5B%221%22%2C%22%3C%2d%22%5D&aul=%5B%220%22%2C%22%3C%2d%22%5D&sn=%5B1%2C2%5D&vu=%5Bnull%2C%22034BD662%2d9FE5%2d4859%2d9C04%2d8909188574A5%22%5D&pv=%5Bnull%2C%226.x%22%5D&ct=%5Bnull%2Cnull%5D&pd=%5Bnull%2Cnull%5D&vs=%5Bnull%2C%22n%2Fa%22%5D&rs=%5Bnull%2C%221600x1200%22%5D&fs=%5Bnull%2C%220%22%5D&mt=%5Bnull%2C%22mainroll%22%5D&du=%5Bnull%2C0%5D&ut=%5Bnull%2C%22commercial%22%5D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
w0HdSB8hmKV4Xzx9N9ta6BRM3Sp8j8wiIDcWg-PUGY85bG_Y_rxP3w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
as.innity.com/synd/ 		2 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1682689535458&ver=2&hb=1&output=js&pub=394&zone=69191&url=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=2633c704d1d217&auction=917e3150-4eb1-4bb8-92d3-d268513e0012
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:36 GMT
Last-Modified
Fri, 28 Apr 2023 13:45:36 GMT
Server
Apache
Access-Control-Max-Age
86400
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://health.grid.id
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Length
2
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
as.innity.com/synd/ 		2 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1682689535458&ver=2&hb=1&output=js&pub=394&zone=93830&url=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=39694615308e5c&auction=917e3150-4eb1-4bb8-92d3-d268513e0012
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:36 GMT
Last-Modified
Fri, 28 Apr 2023 13:45:36 GMT
Server
Apache
Access-Control-Max-Age
86400
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://health.grid.id
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Length
2
Expires
Sat, 03 Sep 1983 02:00:00 GMT
bid
ad2.apx.appier.net/v1/prebid/
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=DKDJGy4EDKytspToAc5LZA
0
0
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686?src_sys=prebid
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 28 Apr 2023 13:45:35 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.003050
X-SpotX-Timing-Transform
0.000308
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.003050
X-SpotX-Timing-Page-Require
0.000321
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002580
X-fe
013
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.007527
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Fri, 28 Apr 2023 13:45:35 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://health.grid.id
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000919
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282227
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282227?src_sys=prebid
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000303
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.005626
Pragma
no-cache
X-spotx-Exception-conf-RESULT
failure
Content-Type
application/json
Access-Control-Allow-Origin
https://health.grid.id
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Page-Exception
0.000028
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Date
Fri, 28 Apr 2023 13:45:35 GMT
X-spotx-Exception-0-Message
Halting market due to channel or publisher being disabled
X-SpotX-Timing-Transform
0.000375
X-SpotX-Timing-SpotMarket-Primary
0.002086
X-SpotX-Timing-SpotMarket
0.002086
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.001734
X-fe
007
X-spotx-Exception-conf-ID
SPOTMARKET.CHANNEL_NOT_ENABLED
X-SpotX-Timing-Page-Context
0.000247
Last-Modified
Fri, 28 Apr 2023 13:45:35 GMT
Server
nginx
X-spotx-Exception-conf-Message
Affiliate ID '282227' is not enabled.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000829
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966?src_sys=prebid
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 28 Apr 2023 13:45:35 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002385
X-SpotX-Timing-Transform
0.000350
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002385
X-SpotX-Timing-Page-Require
0.000300
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001826
X-fe
115
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.005982
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000258
Last-Modified
Fri, 28 Apr 2023 13:45:35 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://health.grid.id
X-SpotX-Timing-Page-Exception
0.000027
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000010
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000820
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967?src_sys=prebid
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Fri, 28 Apr 2023 13:45:35 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002258
X-SpotX-Timing-Transform
0.000348
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002258
X-SpotX-Timing-Page-Require
0.000384
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001719
X-fe
141
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.005890
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Fri, 28 Apr 2023 13:45:35 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://health.grid.id
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000862
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137?src_sys=prebid
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000354
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.005286
Pragma
no-cache
X-spotx-Exception-conf-RESULT
failure
Content-Type
application/json
Access-Control-Allow-Origin
https://health.grid.id
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Page-Exception
0.000022
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Date
Fri, 28 Apr 2023 13:45:35 GMT
X-spotx-Exception-0-Message
Halting market due to channel or publisher being disabled
X-SpotX-Timing-Transform
0.000322
X-SpotX-Timing-SpotMarket-Primary
0.001745
X-SpotX-Timing-SpotMarket
0.001745
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.001697
X-fe
083
X-spotx-Exception-conf-ID
SPOTMARKET.CHANNEL_NOT_ENABLED
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Fri, 28 Apr 2023 13:45:35 GMT
Server
nginx
X-spotx-Exception-conf-Message
Affiliate ID '282137' is not enabled.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000848
hbpost
hb.jixie.io/v2/ 		62 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.238.107.108 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-107-108.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
8f890e4c8d8fc78ad8cac463eecfe9e6b6e3e6e160f9641408e9bb4210362a3f

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:36 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"3e-LwK4gZENpikoL0gGSYp9vg7bE94"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450353
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992801366895c2ca81680632c761f7bd76658d26dc047139983f0d6147d4827

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PytmvhSXny8Jn%2BINyFGfE7IY3RJFQHtNTgPluORjzmWvcP0JF6yTsYabJTzfJp6om6jTPdPh4Rr8w9qFObwyPzsy8GENfEenkDqSvUPAv%2FpsovQ3KQIRuompAv7k2nNw8fcDXJSo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://health.grid.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7befbf1e4af59a15-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450353
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992801366895c2ca81680632c761f7bd76658d26dc047139983f0d6147d4827

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GMY66qUnI%2FOYghSHS%2Fvp2fMQ5B2IuUM2NHnLixy1WJh0frCfmSME1iFm7QpEtpI0ppwtMyShvpHorAiZrytLYpxKoqDNNlUr9dof2Ewj%2B24AAEkl%2FtJ6kn9SK5jvPIh5dyc9wFP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://health.grid.id
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7befbf1e4af89a15-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.31.0&referrer=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tmax=2000
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.121.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-121-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.31.0&cb=85569746452&lsavail=1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Apr 2023 13:45:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
arj
kompascybermedia-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e1c1ebc5-9b19-4c4d-9021-35f20df0f885%2Cebb009c3-d8a3-47fd-b547-c8df4ca54185%2C4989871b-d7ad-4dd1-8e57-36d5c01313f4%2C75eb3ff1-5f5d-426d-af85-e4c7c82b0cf7%2C0b37fe8e-ccc6-4a50-8223-86c26e0663e8%2C7fce6148-5f40-41c4-9152-041d5de1cf9a%2Cfcebf566-5eb7-4be0-b770-784724f2d4ef%2C91ad6986-1ff9-4441-ac53-cc49dcbd698f%2C459b58cc-042d-4e4a-a228-835a874446d0%2C57260dad-d110-44b5-9600-8ac074dd657e&nocache=1682689535519&ttduuid=&aus=970x90%2C970x250%7C300x600%7C300x250%7C468x60%2C1100x50%7C300x250%2C300x100%7C300x250%7C728x90%2C468x60%7C100x550%2C120x600%2C100x650%7C100x550%2C120x600%2C100x650%7C160x600%2C120x600&divids=div-gpt-ad-head-banner%2Cdiv-gpt-ad-giant%2Cdiv-gpt-ad-MR3%2Cdiv-gpt-ad-bottom-frame%2Cdiv-Inside-MediumRectangle%2Cdiv-gpt-ad-below-comment%2Cdiv-gpt-ad-below-photo%2Cdiv-gpt-ad-skin-left%2Cdiv-gpt-ad-skin-right%2Cdiv-gpt-ad-skyscrapper&aucs=%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2Cdiv-gpt-ad-below-comment%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH%2C%252F31800665%252FGRIDHEALTH&auid=540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968&aumfs=0%2C270%2C270%2C0%2C0%2C270%2C0%2C0%2C0%2C0
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0da309d2da02823e8895c23d2027acf0a07d49ba4efe2ae142f0ad9b467a3014

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://health.grid.id
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg8.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.grid.id
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		485 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434066&zone_id=2484252&size_id=55&alt_size_ids=57&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&kw=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementeriankesehatan%2Choaks%2CvaksinCovid-19%2CvaksinasiCovid-19%2CstatusvaksinasiCovid-19&tg_i.page=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tg_i.domain=health.grid.id&tg_i.pbadslot=%2F31800665%2FGRIDHEALTH&tk_flint=pbjs_lite_v7.31.0&x_source.tid=e1c1ebc5-9b19-4c4d-9021-35f20df0f885&l_pb_bid_id=94bfc87130ecc54&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FGRIDHEALTH&slots=1&rand=0.6897547987294859
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fc12ea0f13ccbf067370db395a3d6562d863cf832fdcc8a030386a656a9b5aab

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
485
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		465 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434066&zone_id=2484254&size_id=10&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&kw=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementeriankesehatan%2Choaks%2CvaksinCovid-19%2CvaksinasiCovid-19%2CstatusvaksinasiCovid-19&tg_i.page=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tg_i.domain=health.grid.id&tg_i.pbadslot=%2F31800665%2FGRIDHEALTH&tk_flint=pbjs_lite_v7.31.0&x_source.tid=ebb009c3-d8a3-47fd-b547-c8df4ca54185&l_pb_bid_id=9517b4f02cf418e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.27&rp_maxbids=1&p_gpid=%2F31800665%2FGRIDHEALTH&slots=1&rand=0.25371658435823385
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
668daf4f00c81c3d83f7c833c332e247aab6c8b20ce28d9d428376e8d09a6f3a

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		465 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434066&zone_id=2484256&size_id=15&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&kw=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementeriankesehatan%2Choaks%2CvaksinCovid-19%2CvaksinasiCovid-19%2CstatusvaksinasiCovid-19&tg_i.page=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tg_i.domain=health.grid.id&tg_i.pbadslot=%2F31800665%2FGRIDHEALTH&tk_flint=pbjs_lite_v7.31.0&x_source.tid=4989871b-d7ad-4dd1-8e57-36d5c01313f4&l_pb_bid_id=96a1fdac1302f26&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.27&rp_maxbids=1&p_gpid=%2F31800665%2FGRIDHEALTH&slots=1&rand=0.35599454271568987
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03638bc68faebcc4acaef8cf76412ca41eeb1747d5c8242dd86a020c8344aa82

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434066&zone_id=2484260&size_id=2&alt_size_ids=1&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&kw=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementeriankesehatan%2Choaks%2CvaksinCovid-19%2CvaksinasiCovid-19%2CstatusvaksinasiCovid-19&tg_i.page=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tg_i.domain=health.grid.id&tg_i.pbadslot=%2F31800665%2FGRIDHEALTH&tk_flint=pbjs_lite_v7.31.0&x_source.tid=fcebf566-5eb7-4be0-b770-784724f2d4ef&l_pb_bid_id=972db90b37e018&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FGRIDHEALTH&slots=1&rand=0.638314700520414
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7df1c5befd2f9b8b9128bda00128b9a8105f006e6758a52fa67b25d9018b1a81

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
464
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		483 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434066&zone_id=2484262&size_id=9&alt_size_ids=8&rf=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&kw=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementeriankesehatan%2Choaks%2CvaksinCovid-19%2CvaksinasiCovid-19%2CstatusvaksinasiCovid-19&tg_i.page=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&tg_i.domain=health.grid.id&tg_i.pbadslot=%2F31800665%2FGRIDHEALTH&tk_flint=pbjs_lite_v7.31.0&x_source.tid=57260dad-d110-44b5-9600-8ac074dd657e&l_pb_bid_id=989e7af6247c2e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F31800665%2FGRIDHEALTH&slots=1&rand=0.3797546917361281
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29892863ed6a43bcac89e06a2f3632b5df38395232accc6bc953bc2868376c80

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
483
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://health.grid.id
date
Fri, 28 Apr 2023 13:45:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://health.grid.id
date
Fri, 28 Apr 2023 13:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.31.0&cb=31728381821&lsavail=1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid-request
a.teads.tv/hb/ 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 28 Apr 2023 13:45:35 GMT
/
stats.mainroll.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sid=%5B%22jTR5KmA4Hx7w%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ts=%5B1682689535309%2C1682689535319%2C1682689535320%5D&pp=%5B%22pubmatic%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ev=%5B%22xst%22%2C%22xit%22%2C%22xiv%22%5D&id=%5B%22VHJN231y83pD%22%2C%22vcbl_grid_always_float%22%2C%22%3C%2d%22%5D&et=%5B%22View%22%2C%22~~02~~Unit%22%2C%22%3C%2d%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&pid=%5B%22AIt6fpTBiz53%22%2C%22VHJN231y83pD%22%2C%22%3C%2d%22%5D&pet=%5B%22Session%22%2C%22View%22%2C%22%3C%2d%22%5D&fs=%5B%220%22%2Cnull%2Cnull%5D&xu=%5B%22https%3A%2F%2Fhealth.grid.id%2Fre~~00~~%2F352900082%2Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan%22%2Cnull%2Cnull%5D&xr=%5B%22%22%2Cnull%2Cnull%5D&pt=%5B%22%5Buntitled%5D%22%2Cnull%2Cnull%5D&iet=%5B%22default%22%2Cnull%2Cnull%5D&ut=%5B%22commercial%22%2Cnull%2Cnull%5D&hn=%5B%22health.grid.id%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sn=%5B3%2C4%2C5%5D&ap=%5Bnull%2C%22inarticle%22%2C%22%3C%2d%22%5D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
5HvgbJf6j1eMe_6ALPNBE5Dgu3KoRGcYBplzvOqlxY0oILXhgCvFIQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689535342&pp=pubmatic&ev=xit&id=vcbl_grid_outstream_desktop_always_float&et=LineItem&cid=0&pid=vcbl_grid_always_float&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D%5Bplayerheight%5D%26vw%3D%5Bplayerwidth%5D%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3D%5Burl%5D&hn=health.grid.id&sn=6
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:35 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
R313lec3j0dpYqtMrlmZAT-rsRsIbcMziR3tsdC1JJ0_pzgvGyqcQQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1682689535699&sessionId=236ce64e-0754-dada-a77e-51475500cf57&url=health.grid.id&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
cf08170b299957880503eaf823c86634
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&idx=0&rand=199&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=236ce64e-0754-dada-a77e-51475500cf57&fdu=health.grid.id&px=445&py=2543&vpd=1343&cw=570&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=1&version=2010278&sig=61Vbsh4v&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a271d0e5892d3a0e1635af56f4922c653f51e0611372dd5e00a1e89c77209d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1682689536.934274,VS0,VE329
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21982-LGA, cache-fra-eddf8230043-FRA
x-traceid
c002c876db8d16fe2cb0044115c37d70
accept-ranges
bytes
content-length
10750
expires
Thu, 01 Jan 1970 00:00:00 GMT
grid.config.min.js
cdn.contextads.live/publishers/grid/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contextads.live/publishers/grid/grid.config.min.js
Requested by
Host: cdn.contextads.live
URL: https://cdn.contextads.live/publishers/cads-generic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:da00:1:420f:ab00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
347ca7212d60810aac86cb5e7ecd7a73c9899a41442b55e35e0f59460e4bb832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:13:56 GMT
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Wed, 15 Feb 2023 09:07:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
24621
x-amz-server-side-encryption
AES256
etag
W/"c9d0daec9f2cb7040d1e146e56014199"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xwHUqicYwsHK8L6c0y_FSNuvoY7egAOtY9p1eO4MHsnpXUifOm_-AA==
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=94922901960610095120027051521171836169379001252495515010609523890771&nc=0&tsf=0&tsfmi=&pv=0&cb=1682689535989&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=877850576&at=&bid=e30%3D&di=W1siZWYiLDQ2MzddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MTMsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozMjAy%0D%0AODg0Mzg5LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCIxNixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVC%0D%0ASEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yv%0D%0Acjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJi%0D%0AcGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0i%0D%0AXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIsXCJv%0D%0AZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6%0D%0AZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4w%0D%0AMDh9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0x%0D%0AOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiNDgzNTIyNjIuMTY4MjY4%0D%0AOTUzNCJdLFstMjEsIjYxVmJzaDR2Il0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxb%0D%0ALTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NDQ3MDAwMDAsXCJ1amhzXCI6Mzcz%0D%0AMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LDAsXCI0Z1wiLG51bGxdIl0s%0D%0AWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJd%0D%0ALFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2ODI2ODk1MzU5NDksMF0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImwsLTEsLTEsMCwwLDEs%0D%0AMCwzNCwxODAsNzU5LC0xNjgyNjg5NTMzODgzLDAsMTIxNi4xLDEyMTYuMSwzMDQ1LDMwNDYiXSxb%0D%0ALTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixu%0D%0AdWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQy%0D%0ALCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIw%0D%0ALDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRu%0D%0ALGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxMDZdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A445%2C%22y%22%3A2748%2C%22w%22%3A570%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=NZkS7DU9jP&sdd=%7B%7D&pto=3087
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7cc729d7ef43a35f7c25a0509cf62c2b0ea648281f1ffec43e57740e8bc54db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1725
expires
Fri, 01 Jan 1990 00:00:00 GMT
grid-health.config.min.js
cdn.contextads.live/publishers/grid/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contextads.live/publishers/grid/grid-health.config.min.js
Requested by
Host: cdn.contextads.live
URL: https://cdn.contextads.live/publishers/cads-generic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:da00:1:420f:ab00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
c.mgid.com/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1682689536025784674561&uniqId=0fe24&lct=1682553600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&lu=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&sessionId=644bce00-0dda2&pageView=1&pvid=187c81cb01fa53ec7b2&site=543415&implVersion=11&dpr=1&tfre=2148
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7befbf20ce3835fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
2a13a28e-0dd6-4346-a109-a2830bafa0ac
https://health.grid.id/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://health.grid.id/2a13a28e-0dd6-4346-a109-a2830bafa0ac
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
4ZA9P7VPAM79SEE5
age
2516
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf20ee6335fa-FRA
expires
Sat, 29 Apr 2023 13:45:36 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YRQRQGQP9DZNZ14S
age
4693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf20ee6235fa-FRA
expires
Sat, 29 Apr 2023 13:45:36 GMT
1
servicer.mgid.com/1323625/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1323625/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1682689536146854177451&uniqId=0fe24&lct=1682553600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=570&h=469&maxw_3=184&maxh_3=204&sz=184x204&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&ref=&cxurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&lu=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&sessionId=644bce00-0dda2&pageView=1&pvid=187c81cb01fa53ec7b2&implVersion=11&dpr=1&tfre=2262
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77409a842a27776bec0eb115ba6baae4ffcfc77eb0971808ddfefb0bde0b5231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7befbf213ec935fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 2CFE 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:04:22 GMT
expires
Sun, 21 Apr 2024 06:04:22 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:36 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.grid.id
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
events.php
log.r2b2.io/ 		10 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&hbDomain=grid.id
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
0b6f7d3163f12bff50d9de3278eaafa8c44d1762120cb9e394600d2fff92b287

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:30 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 13:45:36 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://health.grid.id
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
/
stats.mainroll.com/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689536244&pp=pubmatic&ev=xls&id=vcbl_grid_outstream_desktop_always_float&et=LineItem&cid=0&pid=vcbl_grid_always_float&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&sdk=GOOGLE_IMA&hn=health.grid.id&sn=7
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-29.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
wQMTHvfoeGlvXePMT5a9hzzAz0gNV_uF3VaA6yVhlGOe9kiw2geTaA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83ODMzODUvZDk0Z...
s-img.mgid.com/g/15949856/492x277/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15949856/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83ODMzODUvZDk0ZWM5YmQxYTM0YTFhMGZhMjM1MmFmZmEzZjFlZTAuanBlZw.webp?v=1682689536-_VsNsIwVKnJvYRJRzWIILHjPSZqCmLLnZrB0SqqVchA
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455becd139d64a530b9f539876695b132493b27d972a8147440b09c31d7bce41

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
HIT
last-modified
Sun, 23 Apr 2023 16:23:33 GMT
x-mg-request-uuid
60623147-4431-46db-9506-0656d622a613
server
cloudflare
age
422497
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf228da918d6-FRA
content-length
12552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zMTY2MzAvOWU0N...
s-img.mgid.com/g/15314465/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15314465/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zMTY2MzAvOWU0NWM5ODU3M2U0MTFkMDU1NTc1ZGUwNGU0Y2Q1MjEucG5n.webp?v=1682689536-5WrCsUbRGCx1_9MEf9Z_8R-HlnXJKHlDDP1j3MkpKq4
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8e286e3fc1e9daf2c95191f8765aa137f574c3602da3cb30f47f6bcf21ce14

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 14:35:18 GMT
x-mg-request-uuid
07a41a52-fa6c-4de1-adec-0a0409ba0cbd
server
cloudflare
age
2761742
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf228daa18d6-FRA
content-length
20386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NTUxOTUvZjNkY...
s-img.mgid.com/g/15993992/492x277/-/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15993992/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NTUxOTUvZjNkY2FhNzZmMDM0NzdlMWRhMjIyZjExMmM5ZGE0ZjQucG5n.webp?v=1682689536-eoybrX4o1sVwCtovfzmh19vtvB3qNnlQMZh1iBx4lSY
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefe0bc1bc1c6d4fe06f07c40d6c4dfec463f1c4874c78bce9efe0ef1aaa8315

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Apr 2023 10:33:41 GMT
x-mg-request-uuid
08510551-5fb8-491a-850b-a8879d930111
server
cloudflare
age
196090
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf228dad18d6-FRA
content-length
14612
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NDI1MzAvYzE4Z...
s-img.mgid.com/g/16019315/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16019315/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NDI1MzAvYzE4ZGYzNjJmMTY1NTczOTE1NGYwZWQ2ZDk0YzNiZGYuanBlZw.webp?v=1682689536-v4AIKwUmEKMKb-x0b6wBaXhRlA2qL--ALqKZt0gBbsE
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8099fb062b5dccaf78f56463d3dd7f2c4ff0f76d34617c517eeba08aefbc343

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 06:23:30 GMT
x-mg-request-uuid
8b5c1354-b5d7-4194-8046-8d7112a369fe
server
cloudflare
age
285618
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf228dae18d6-FRA
content-length
11796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NDI2OTcvZDQ4Y...
s-img.mgid.com/g/16059927/492x277/-/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16059927/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NDI2OTcvZDQ4YzE0N2VlZmNjMzk0ZDdmOTM5MzM2NGQwMzgzOTAucG5n.webp?v=1682689536-avv1JmzDkcjm7XUI1iwKoBvDG_-da7WkqF4ujOiZ-5o
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f6ac0647eb0fea0953a420effa243b4f0426b3975d49d04c59144889ea2df5

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 07:17:00 GMT
x-mg-request-uuid
a3c3d615-af58-4848-aca6-698087e772ec
server
cloudflare
age
23097
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf228daf18d6-FRA
content-length
10508
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
c05f6a1d9189da04d5ed026e4cc6777e.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/ 		251 KB
252 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/c05f6a1d9189da04d5ed026e4cc6777e.mp4?v=1682689536-MuwZtdCDvwhoxqgcxyOXupChsdTX6OfUa1GiueSBer8
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed122527f5517e1c47d06361f58df3a975ea2fb0e60c75b22bb64b391fcf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://health.grid.id/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1327667
Content-Range
bytes 0-257522/257523
server-timing
cld-cloudflare;mitm=c;dur=139;start=2023-04-06T05:39:03.443Z;desc=miss;cloudinary;dur=123;start=2023-04-06T05:39:03.456Z
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
257523
last-modified
Mon, 27 Mar 2023 23:52:28 GMT
server
cloudflare
etag
"b2ab8a78e60174a18154f231c809b2d7"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
7befbf228fb05c0e-FRA
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 28 May 2023 13:45:36 GMT
date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 28 May 2023 13:45:36 GMT
date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a0d27b33c502c5014a827e243f28d0d8_32144_1682689536209&tm=1448&eT=0&widgetWidth=570&widgetHeight=527&widgetX=445&widgetY=3217&wRV=2010278&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=641&oo=true&lo=1260&odbreq=2796&odbres=3436&mvreq=2796&mvres=3436&cet=4g&to=1682689532908&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 28 Apr 2023 13:45:36 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
9e5a2ee48eb1118d92d62bff2b302725
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
clip.js
widgets.outbrain.com/nanoWidget/2010278/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010278/module/clip.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
22c91b997a279af6250017c6f556f9687f490faa1fa4e2b1a1dff72a39d57137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
gzip
content-length
720
last-modified
Wed, 19 Apr 2023 14:00:05 GMT
server
AkamaiNetStorage
etag
"2baaf94285447ac5f662e02fa05a8071:1681915113.588151"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 05 May 2023 13:45:36 GMT
eyJpdSI6IjE0YmY2M2EzMDUxYmJhNDYyMGIxN2ZkMjRhNDhiMjdjNTRhM2Y5OWRlNDJmZTFlYjJjODgwMDUyY2ZlMDZkMzQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE0YmY2M2EzMDUxYmJhNDYyMGIxN2ZkMjRhNDhiMjdjNTRhM2Y5OWRlNDJmZTFlYjJjODgwMDUyY2ZlMDZkMzQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Fri, 21 Apr 2023 09:28:16 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=1855721
access-control-allow-credentials
false
x-traceid
b4834323f38dfde4381029b42cf9c6ed
timing-allow-origin
*, *
content-length
234410
eyJpdSI6IjE0YmY2M2EzMDUxYmJhNDYyMGIxN2ZkMjRhNDhiMjdjNTRhM2Y5OWRlNDJmZTFlYjJjODgwMDUyY2ZlMDZkMzQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		229 KB
230 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE0YmY2M2EzMDUxYmJhNDYyMGIxN2ZkMjRhNDhiMjdjNTRhM2Y5OWRlNDJmZTFlYjJjODgwMDUyY2ZlMDZkMzQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8562070f0843437db7f5ebd12b884ecc6b5ee8c607beea8a93ce4a50843f8cac

Request headers

Referer
https://health.grid.id/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Fri, 21 Apr 2023 09:28:16 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-234409/234410
cache-control
max-age=1855721
access-control-allow-credentials
false
x-traceid
b4834323f38dfde4381029b42cf9c6ed
timing-allow-origin
*, *
Content-Length
234410
eyJpdSI6ImFhNDEyMzVlNWJlODc1M2UyYmUyYjIwNjE5NzZiN2U5NWUyZjI2NGM2MTg4YThhNjdjNmNmZjlmNDY3NDc2YzAiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFhNDEyMzVlNWJlODc1M2UyYmUyYjIwNjE5NzZiN2U5NWUyZjI2NGM2MTg4YThhNjdjNmNmZjlmNDY3NDc2YzAiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6e67dba822bfb126e761cb43bd577ec245f60c6e222379a1d1144a02e7713ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Wed, 19 Apr 2023 15:07:37 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2374943
access-control-allow-credentials
false
x-traceid
80058150756ffdad67b2adad85b521f5
timing-allow-origin
*, *
content-length
3780
eyJpdSI6IjVlZjM1ZjBlNmI3Y2JlOWU5ODlkNmZkMWI3ODliOWJiZWUxNTEyODRhZjA4YjI1ZmExYWQ0MTZiNDg1OThlNjUiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVlZjM1ZjBlNmI3Y2JlOWU5ODlkNmZkMWI3ODliOWJiZWUxNTEyODRhZjA4YjI1ZmExYWQ0MTZiNDg1OThlNjUiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
369fb34ae20b3e5284e62518b9b1b46f11b2cf50fe7cf0885b4c0aeb082aecfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Wed, 04 Jan 2023 13:54:16 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1904935
access-control-allow-credentials
false
x-traceid
da13508629ba669fde99cf0de99bd8d2
timing-allow-origin
*, *
content-length
5504
eyJpdSI6IjNmNzAwNTFhNmJhZGI3YWE5YTE0YjczNzc5YmYyOGRkYzU5N2MzMzRkNzk1MTMzMDQ0NTMzYzQwYWJiYmJmYmQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNmNzAwNTFhNmJhZGI3YWE5YTE0YjczNzc5YmYyOGRkYzU5N2MzMzRkNzk1MTMzMDQ0NTMzYzQwYWJiYmJmYmQiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7a0d0b9e4577bbd3528905ef263168d28db4a97ab863f69645eca3a485a0c8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Thu, 09 Mar 2023 06:42:49 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1221317
access-control-allow-credentials
false
x-traceid
ac0a302a7c46eeae1b195552afb2035c
timing-allow-origin
*, *
content-length
6908
eyJpdSI6ImUzNzY1NzBmNDBjMzkzZmRmMTZmMjZlNjg0NDYyMzlhN2IzZDE1MWFmMTQxMDZmMzI2OTQ1OTZiMThkZGYwMWUiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUzNzY1NzBmNDBjMzkzZmRmMTZmMjZlNjg0NDYyMzlhN2IzZDE1MWFmMTQxMDZmMzI2OTQ1OTZiMThkZGYwMWUiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a0a5c5609403e50a964e4b1d8bb6fa4cbc0f15d49ec32e3c5a36b9e9a8a4a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Fri, 07 Apr 2023 08:17:41 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=803272
access-control-allow-credentials
false
x-traceid
f2bf69d896738399469d278e3d407780
timing-allow-origin
*, *
content-length
5162
eyJpdSI6IjBhNGY3M2VkNWExZDViMGVhMWNlNzMyNTIwNGQ3YmViZmY3MjU0YzJmNjdiODEzMjZkYTI1NzIxYzEwODlmNGEiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBhNGY3M2VkNWExZDViMGVhMWNlNzMyNTIwNGQ3YmViZmY3MjU0YzJmNjdiODEzMjZkYTI1NzIxYzEwODlmNGEiLCJ3IjoyODYsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac1bea1a6cd25ab88d6d551a0ce0c4cc217dcf27d10e73b6d0a89a5197ff35ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
last-modified
Fri, 13 Jan 2023 18:06:15 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1996345
access-control-allow-credentials
false
x-traceid
fa2db0fa9675fcfb12bfd4c29a4cd373
timing-allow-origin
*, *
content-length
12506
video
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/video?x=1&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&action=loaded&accountid=fa9afd31c9c8769a7ae23ef3661ac43f&debug=v4.11_
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxvideo.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:36 GMT
Server
elb
X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
shaka-player.compiled.js
ajax.googleapis.com/ajax/libs/shaka-player/3.2.1/ 		384 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/shaka-player/3.2.1/shaka-player.compiled.js
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxvideo.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c8e6eb903aeabcb1b491517b59e0cc3ab67692c9dda9999f728189bcf73177d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125995
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 13:45:36 GMT
mux.js
cdn.jsdelivr.net/npm/mux.js@5.6.3/dist/ 		310 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mux.js@5.6.3/dist/mux.js
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxvideo.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc6d96be7288c37a428bd187ad55083745f84c197413a805a87f700c811325b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5633987
x-jsd-version
5.6.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230079-FRA, cache-jnb7021-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"4d9fd-MBK/uoFdbpYmnvvLqvqbl1OAxZo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BQ%2FEMpOV7yfmUwzZ%2Bnj%2F5CCbZK1nnU7k%2FTIuONgg9cSFCZ%2BI3agJGy6TURh1nIxO36CEJ%2BHQr2NXPM3c9WuzfCI3%2FkvduSCUvEzRxI9H416i6qECDuAIYmsO8tD3%2BauYqlsGKFPGP8%2BIqyIreE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7befbf25581cbc04-FRA
video
apis.kompas.com/api/widget/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/widget/video
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-21.fra56.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
44b9d978568a7ab2c1f21a6502ac72155cd6f1fb92de8b1ad995c3da16a10a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJpdiI6Im85ZEhnNHlqaW03cUdqMXlKam5lelE9PSIsInZhbHVlIjoiT24rRzd6ZVVwSUhGdkZuRzMxQWZyZz09IiwibWFjIjoiNGQwMGE2ODkzZTczZjIyNTNhY2RlNmNlOGIxNGZjZDdhYjRjZmIxOGMwODc2NjgwMjIxY2EwNDAwNmJhYThiYiJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Authorization,Origin
content-type
application/json
access-control-allow-origin
https://health.grid.id
cache-control
private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
_oi9ngYcZFQlXIQOSFq6YgsqNyxVgMp1UmhpP7WSbFJXn-VGRC_5tQ==
expires
-1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a783b1a6018e7a612f5d0eaeba58b46240cd19fffcbd5a134a260501d4b73ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Apr 2023 13:45:36 GMT
content-md5
cH33MCNq3pVc/KVIKn7QqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
OSHfmI/edeICnjVKBtJkCCBvo6WP7sGY9k2QPOFU67H5ifzOB8GkqoRC+UvVchpmFUqAdWiJf0by84KV6vFwnA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
c3894b2ebdcebebe88cb57ff172d6c45
cross-origin-opener-policy
same-origin-allow-popups
etag
"7c20ee511d7818bca99c2e85b139f49f"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:47:46 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1682689536710&sessionId=236ce64e-0754-dada-a77e-51475500cf57&url=health.grid.id&cheqSource=1&cheqEvent=2&responseTime=1710
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
f06fa10360bbf65def061d38ec210240
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362ecc13de342899b9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604289e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1a08f77f6aae91117aefdafa64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e8f08fbbb64a2ef17cb7b2a97f5435e8d06592e643b5114407d75e5a87d4d49881b2c527df21d6deedc85ec54d5814aa5f0ddbcec21a24d3b973a855b6c51ac32cf57e424f019a63e40ed8c4fc78eb836a934aa7c19ccc7780191c2df759175d684332c2bc68b209dfcaca34a29d63b0c17b8ad9bbac2fd5e0aa59656c8bff1152dcb90e480ff8a3f538e07fc1f70fbabb33f138f175d010c95286f37f9e4476a7f78f3560793957370a550af1b4d1398c59e206531e70a6f01ec2c5494fb7e99debe73d86f0a3adc5b8fea51a527cae19dff61c3fdd5e38448f3c036c38af2afd274099ba9f719672837099a12dd1aa4fcc2a4c7e7e10761280d2a6872e713e9b045894d1dea7b3c855199db3b4618bc9737ac4cf143c6de58cda5025ab3a86599f06fe399b10b6d401aba838f0effdc0845530fdea3a7f9033f79fbaaf0a8e2f615443c12a300ff4fd1bd6b243d893df8a11989b95704e254dbe70&cb=1682689536710&cri=NZkS7DU9jP
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
video
apis.kompas.com/api/widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/widget/video
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-21.fra56.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://health.grid.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://health.grid.id
access-control-max-age
0
cache-control
private, must-revalidate
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
-1
mail-subject
Join_via_header
pragma
no-cache
server
nginx
vary
Origin
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
we-hiring
jobs@kompas.com
x-amz-cf-id
ut7sP3xsxbGfB1VXKViTJj_nY8l_ur5AyCpjkzrdRzHrnCx6QTRl1w==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-powered-by
PHP/7.3.28
x-xss-protection
1; mode=block
bundle.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		289 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:8::c16c:9913 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f64a10fdf4f618b0727ea45a8b6a4136c62f6ffaaf7a8b7eaf4fd162be1757d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:36 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
LHR61-P2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
81694
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 23 Mar 2023 11:46:01 GMT
Server
AmazonS3
ETag
W/"ec85d79469446bbe18772a40803cea87"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
MgyPFtE-5y1u7IPqz8Pi5rwxeLET5CCs0_i8plyK0273qt0OhlqpFg==
health-Grid-Health-health-logo.png
asset-a.grid.id/new_image/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/new_image/health-Grid-Health-health-logo.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8a41d8ecc60bc823f710be5f41f4c6ec128c644d56d78c3366d621937b7b61bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 17:55:39 GMT
x-amz-version-id
UEZcm95q4s2UzGEZa4AIb5DoHIgNEN2g
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jan 2021 07:51:05 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
1972197
etag
"9693fcb143b9cd2d6e8cef99b58a55b2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11587
x-amz-cf-id
TBbDjyRxmR7KPepH3FD2obZIEtiudJ1t_XDGMrggBmA15J7wAY6w7A==
expires
Thu, 04 Apr 2024 17:55:39 GMT
inline_image_previewjpg-20210920013139.jpg
asset-a.grid.id/crop/0x0:0x0/700x465/photo/2021/09/20/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/700x465/photo/2021/09/20/inline_image_previewjpg-20210920013139.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
01673a661f91f390ccf8fce73499126259f9fec05dc8aa8ad1377556e0aee6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 03:07:55 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
124660
etag
"b6514c8723865c07bf302e741c076165300f1b58"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
29785
x-amz-cf-id
u7eIdrJ7nEVIz6mEN5sDUOJoCjqlj15hk79mD6Yt__UNpMlouUQv5A==
expires
Fri, 26 Apr 2024 03:07:55 GMT
picsart_23-04-26_15-08-05-652jp-20230426032709.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/04/26/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/04/26/picsart_23-04-26_15-08-05-652jp-20230426032709.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4fbe7f87aa340de13baffd8b52770877e5c29dcb9e49bca49e63c16d0048510e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:00:44 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
132292
etag
"8ca9f49d261592e5134698cb0d86f2036feb4647"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2744
x-amz-cf-id
e2IdilQP31QirBxoUh1MoGdowWnk2tskgobBR5gcTTy4h6uGXRPkJQ==
expires
Fri, 26 Apr 2024 01:00:44 GMT
7jpg-20230222121349.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/02/22/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/02/22/7jpg-20230222121349.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e290dc1c1687754eb993a52f862922cc66e154f394ce48500901c4969c1e0303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 01:09:08 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
45388
etag
"59985ec31094cc4f5574408ed422bc60b45ac91c"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2435
x-amz-cf-id
cLo3oIt1ENJXrEVo8tv3QpnvhMWVFgHfdAP-rdjCRYtpkLpe7kiv0g==
expires
Sat, 27 Apr 2024 01:09:08 GMT
pexels-ron-lach-8487215jpg-20220622045027.jpg
asset-a.grid.id/crop/935x244:5744x3450/95x95/photo/2022/06/22/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/935x244:5744x3450/95x95/photo/2022/06/22/pexels-ron-lach-8487215jpg-20220622045027.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b2dac81a437ce5b7a50e7b72f37faf10c1ea20da05aec20ca2ba39dc31e0e618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:11:04 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
59672
etag
"7af1346b6947378701adda6425ffd110b362755c"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
5806
x-amz-cf-id
cnj_Xi_z0f-f74-nk7HeGdYmXxvyckddjQILH1viZiNSsRHdchEPow==
expires
Fri, 26 Apr 2024 21:11:04 GMT
whatsapp-image-2023-03-03-at-08-20230303083510.jpeg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/03/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/03/03/whatsapp-image-2023-03-03-at-08-20230303083510.jpeg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
129753303866eab33df3758c24910849b68ac7e287b7a6e7f5f146cc0721270d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:40:27 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
68709
etag
"27ae5633b59014fda4f2719fdc8dc79a44e89943"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2711
x-amz-cf-id
U7CwC1RAJE_yq1P8WGD06Mie2VMkOYntJ2PrkKvHwwYmq927pkwGdA==
expires
Fri, 26 Apr 2024 18:40:27 GMT
biduranjpg-20220817052906.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2022/08/17/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2022/08/17/biduranjpg-20220817052906.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5f749894f6fd95b21acd612b16145be696306cac6956f585a29251513e5434c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 09:48:08 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
100648
etag
"3a22e09ed74ddd12a1cd1493305d387a0c10a73e"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2047
x-amz-cf-id
BCpqg7JDI6M80gNNY8RsH93Tk5JA2WH0obnBSA8ZLJabBFBsRQrpOQ==
expires
Fri, 26 Apr 2024 09:48:08 GMT
komplikasi-kurapjpg-20230106013443.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/01/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2023/01/06/komplikasi-kurapjpg-20230106013443.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6c679157c1362ade788c0289ca8d7ab209684a91d1d9becc9d7d902f58e25ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 12:58:29 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
2827
etag
"50a74f4ee80af7c02099a984e95aa2b76242f153"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2563
x-amz-cf-id
GfnBjt672F3QtvpiFI07nQNKAPl4xg0qkAm2CdfNRBGXUHUN1AcRpw==
expires
Sat, 27 Apr 2024 12:58:29 GMT
osm
content.jixie.io/v2/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.jixie.io/v2/osm?source=osm&unit=1000116-l0qqATjDAK&fixedheight=400&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&pagekeywords=telepon%2C%20kemenkes%2C%20penipuan%2C%20waspada%2C%20kementerian%20kesehatan%2C%20hoaks%2C%20vaksin%20Covid-19%2C%20vaksinasi%20Covid-19%2C%20status%20vaksinasi%20Covid-19&pagetitle=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&maxwidth=570
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.163.248 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-163-248.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
e01225cb7adfe0fedba2e955c952bdb38594d5f3413acb856defd77d32605b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:37 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"e49-rEz1AGTzIKkHVe1ZO4ZNwFwrP8U"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
client
accounts.google.com/gsi/ 		194 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: asset-a.grid.id
URL: https://asset-a.grid.id/js/sso_g_signin_v2.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdb74d4d60bdffe68750c9495007f9aa83f19503e312d0d1ff8f52dc94bf2155
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PdqrGSGRGyF0iPwo6Hg1lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-PdqrGSGRGyF0iPwo6Hg1lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 28 Apr 2023 13:45:37 GMT
syncframe
gum.criteo.com/ Frame 391F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=health.grid.id
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:36 GMT
server
Kestrel
server-processing-duration-in-ticks
404397
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
loaduser
traid.jixie.io/api/ 		52 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/loaduser
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
b39cf3025b7fec9fa5e42f926fdd547cfb4248c0133913cf372ed5c4e9c3e99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:37 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"34-C+Y9nRmaPLtsPd28m7ghTBtP6ro"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame DA1D 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fhealth.grid.id
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
54807
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Apr 2023 13:45:36 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6794)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
pexels-hasan-albari-1493079jpg-20220321031923.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2022/03/21/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2022/03/21/pexels-hasan-albari-1493079jpg-20220321031923.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a4296c8d99c235b39527fdc60fb8774a6d719075e2713c30af08d5d0dfef785e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 09:38:39 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
age
14817
etag
"940be4fad0c7c82061bb7fa5668ca49d38be14a7"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
6254
x-amz-cf-id
aTR_Nhaj_ABm8OW8h2zOE_PNGO0mAKaVKeSieGmN_4td9Sekear7XA==
expires
Sat, 27 Apr 2024 09:38:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2CFE 		2 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&js=1&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63ff26103a9090d395ddf49da6fb81901db90bdd37ddf86efdec251201555222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
743
expires
Fri, 28 Apr 2023 13:45:37 GMT
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/all-grid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:37 GMT
x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.26
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:37 GMT
recommend
id.popin.cc/popin_discovery/ 		101 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&&device=pc&media=health.grid.id&extra=windows&agency=dhp_id&topn=50&ad=10&r_category=all&country=id&redirect=true&uid=123a060de5d25ea49871682689537082&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTEyLjAuNTYxNSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjEyMSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiRGFwYXQlMjBUZWxlcG9uJTIwdW50dWslMjBDZWslMjBTdGF0dXMlMjBWYWtzaW5hc2klMjBDb3ZpZC0xOSUzRiUyMEtlbWVua2VzJTIwTWludGElMjBNYXN5YXJha2F0JTIwV2FzcGFkYSUyMFBlbmlwdWFuJTNBJTIwJ01vaG9uJTIwRGlhYmFpa2FuISclMjAtJTIwR3JpZCUyMEhlYWx0aCIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJoZWFsdGguZ3JpZC5pZCIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2ODI2ODk1MzcwODgsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&callback=_p6_990a2b366c8f
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/all-grid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
78a4a0692d8778f558d454bcbc01b0f5b2375543aac034579a166688ac92c4d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
Content-Encoding
gzip
Server
nginx/1.13.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
popin_discovery5-min.js
api.popin.cc/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/all-grid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:37 GMT
x-amz-version-id
rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 06:45:28 GMT
Server
nginx
ETag
W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:37 GMT
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVhbHRoLmdyaWQuaWQiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsImxvYyI6Imh0dHBzOi8vaGVhbHRoLmdyaWQuaWQvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjEyMSBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTIuMC41NjE1In0=&t=1682689537093
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwidXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ1aWQiOiIxMjNhMDYwZGU1ZDI1ZWE0OTg3MTY4MjY4OTUzNzA4MiIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTEyLjAuNTYxNSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiJ9&t=1682689537100
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
settings
syndication.twitter.com/ Frame DA1D 		663 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f3af9b7a492d265ab2409668eef2013fb6a64a85
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fhealth.grid.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
113
date
Fri, 28 Apr 2023 13:45:36 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 28 Apr 2023 13:45:37 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
1f3705bcd6587818
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
08b46ebb2f7e7fc8667691072d30be12bb5c650a82c750c76668635dbf691dba
content-length
284
csi
csi.gstatic.com/ Frame 2CFE 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lh0lwk1z&c=6489463083261&slotId=3244731541630.5&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&nlc=1&nlrh=0&nlri=0&nlrs=1&nlru=0&nlrhc=false&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0b::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		347 KB
95 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741871887344132&correlator=1444102310850864&eid=31074164%2C31074171%2C44789127&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fifs&iu_parts=31800665%2CGRIDHEALTH%2Cvignette&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2F2%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C970x250%2C300x600%2C300x250%7C300x600%2C300x250%2C100x550%7C120x600%7C100x650%2C100x550%7C120x600%7C100x650%2C468x60%7C728x90%7C970x90%7C1100x50%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C160x600%7C120x600%2C1x1%2C300x250%7C300x100%7C1x1%7C360x180%2C728x90%7C468x60%7C640x100&ifi=1&adks=2828946652%2C1023819641%2C2200736784%2C379303523%2C468872212%2C2110943486%2C1864219677%2C2896548478%2C1553075463%2C3122860579%2C3178537407%2C3178537404%2C687263523%2C3348902997%2C2566849627%2C3146255382&sfv=1-0-40&ists=500&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=pos%3DTop_1%7CPos%3DGiant%7CPos%3DGiant2%7CPos%3DMR3%7Cpos%3DSkin_Left%7Cpos%3DSkin_Right%7Cpos%3DHorizontal_Ad%7Cpos%3DPopup%7Cpos%3Dvignette%7Cpos%3DBalloonAds%7Cpos%3DPopular_1%7Cpos%3DPopular_2%7CPos%3DSkyscraper%7Cpos%3Dnative_banner_article%7Cpos%3DInsideMediumRectangle%7Cpos%3Dbelow_photo&eri=1&cust_params=contextual_targeting%3Dtelepon%252Ckemenkes%252Cpenipuan%252Cwaspada%252Ckementerian%2520kesehatan%252Choaks%252Cvaksin%2520covid-19%252Cvaksinasi%2520covid-19%252Cstatus%2520vaksinasi%2520covid-19%26safe_branding%3Dyes%26keyword_targetting1%3Dno%26keyword_targetting2%3Dno%26keyword_targetting3%3Dno&sc=1&cookie_enabled=1&abxe=1&dt=1682689537252&lmt=1682689537&dlt=1682689533887&idt=451&adxs=315%2C1035%2C1035%2C1035%2C140%2C1360%2C250%2C-12245933%2C-9%2C445%2C1035%2C1035%2C265%2C445%2C445%2C265&adys=338%2C373%2C1923%2C393%2C50%2C50%2C1150%2C-12245933%2C-9%2C1913%2C520%2C520%2C1225%2C4844%2C1471%2C1205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C0%7C-1%7C-1%7C2%7C0%7C0%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&frm=20&vis=1&psz=1600x0%7C300x0%7C300x0%7C300x0%7C100x-1%7C100x-1%7C1100x-1%7C0x0%7C0x-1%7C570x3743%7C300x1343%7C300x1343%7C180x0%7C570x3743%7C570x3743%7C750x832&msz=1600x0%7C300x0%7C300x0%7C300x0%7C100x-1%7C100x-1%7C1100x-1%7C0x0%7C0x-1%7C0x-1%7C0x0%7C0x0%7C180x0%7C570x0%7C570x0%7C728x-1&fws=0%2C4%2C4%2C4%2C512%2C512%2C512%2C128%2C2%2C0%2C128%2C128%2C0%2C0%2C0%2C128&ohw=0%2C300%2C300%2C300%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=48352262.1682689534&ga_sid=1682689537&ga_hid=1322728739&ga_fc=true&ga_cid=1569870539.1682689534
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd1b7b6f603a148d6f3fb701585274ecc3fad1adbf6ea416ab24c19f89427270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96965
x-xss-protection
0
google-lineitem-id
-1,-1,6156465760,-1,-1,-1,-1,6262118098,-1,6262118098,6262118098,6262118098,-1,-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138412398542,-1,-1,-1,-1,138428489047,-1,138427859907,138428489044,138428488906,-1,-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ECC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl_page_level_ads.js?cb=31074164
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
58061
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11984
x-xss-protection
0
server
cafe
etag
12136767000467347226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 21:37:56 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ad9ed84a5aead8a504e22f2b7ade1b20
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
043b855c237ef2b5110343dfbcd980267e44e97bb770d3e0d9b02dac2addd3d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://health.grid.id/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Apr 2023 13:45:37 GMT
content-md5
ISz0/1XVRr8RKi1mwn3APA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88616
x-fb-rlafr
0
x-fb-debug
LsxeKBg3wGr9mOTc9Gru7aY+RARMBJ+PJIsNlMSFVTrm2sgerUED3sCKCQj22yhGYrowRheB3czo6tdTlKFAyw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f818c9280c25a405e79f89cfefce43c4
cross-origin-opener-policy
same-origin-allow-popups
etag
"54015135ec31f4be33954911ca5e30cf"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 27 Apr 2024 12:14:28 GMT
sid
mug.criteo.com/ Frame 391F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=grid.id&sn=ChromeSyncframe&so=0&topUrl=health.grid.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=mjnNH3xYdVJLWjFUaW9ZS0VBd3M4bCthOWlwNFFnczNaa3Z3MHFCaU14TDZEN1ZSUXl6RUkvQjhGSlhkckV5UHJIMUhPeitVRmptZUlIN0QxbWI1RlNkYlpBNDR0bjNhaHJVWnhBY3EvSlhBMFoxcHlKQkVkS21PVm43cW...
443 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mjnNH3xYdVJLWjFUaW9ZS0VBd3M4bCthOWlwNFFnczNaa3Z3MHFCaU14TDZEN1ZSUXl6RUkvQjhGSlhkckV5UHJIMUhPeitVRmptZUlIN0QxbWI1RlNkYlpBNDR0bjNhaHJVWnhBY3EvSlhBMFoxcHlKQkVkS21PVm43cWRhOGRmczNScUwxbTF6NHlpR1NsWDl5bTdrM0FkRGRjWHlhSm4vV1FkWWtXWVQ5VEdtWWZ0dHhGUk1mYzZUcENBR1drekhjem5aTzZKQmVBc3M5WmVJZm9JVXB5aHJtZUU5S1NNaEk5L3RheHY5WWlPd05lNXJ6bTArSWM3eWE2akhPNnJlV3BjMGhpN1JRbmFEZTJGSUZaVUw0Skh4dz09fA&cppv=2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1fb6f1b86e731bc496499ac847251c2c7ba0c1cc565289806786c01931379fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1916804
expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=mjnNH3xYdVJLWjFUaW9ZS0VBd3M4bCthOWlwNFFnczNaa3Z3MHFCaU14TDZEN1ZSUXl6RUkvQjhGSlhkckV5UHJIMUhPeitVRmptZUlIN0QxbWI1RlNkYlpBNDR0bjNhaHJVWnhBY3EvSlhBMFoxcHlKQkVkS21PVm43cWRhOGRmczNScUwxbTF6NHlpR1NsWDl5bTdrM0FkRGRjWHlhSm4vV1FkWWtXWVQ5VEdtWWZ0dHhGUk1mYzZUcENBR1drekhjem5aTzZKQmVBc3M5WmVJZm9JVXB5aHJtZUU5S1NNaEk5L3RheHY5WWlPd05lNXJ6bTArSWM3eWE2akhPNnJlV3BjMGhpN1JRbmFEZTJGSUZaVUw0Skh4dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
306135
content-length
0
expires
0
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-51.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 05:25:25 GMT
x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
Age
3918013
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=315360000
X-Amz-Cf-Id
2OrqNze_GyzDMD3sDpUdbntyaoXDFSLbxbNnozNjBBnzFPHDi26C1g==
csi
csi.gstatic.com/ Frame 2CFE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lh0lwkh7&c=6489463083261&slotId=3244731541630.5&fb=ima_html5-lima&sdkv=h.3.569.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=10&aab=1&itv=1&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0b::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aIi_bj6i1nO3pjLG7F_8oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-aIi_bj6i1nO3pjLG7F_8oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 28 Apr 2023 13:45:37 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 1619 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23e5c08cac53d2d04e815d7f211797319b32be9ff189275dc5329feb791b7ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18917
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 19:23:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:55:28 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/grid-gridoto-prebid7.31.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Apr 2023 13:45:37 GMT
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1a4a88b5fa3475335506f412d847d4d9b89b50f720db8e4c3bbe9c7773681e12

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.grid.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 28 May 2023 13:45:37 GMT
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://health.grid.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://health.grid.id
cache-control
private
content-length
27
content-type
text/html
date
Fri, 28 Apr 2023 13:45:37 GMT
vary
Origin
x-aspnet-version
4.0.30319
tag
a.teads.tv/page/140223/ 		1 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/140223/tag
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abac5870a9c1ea59ad4d02cd7e0a7d179fad72344f9c1ce1b91228728d1bb888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
573
expires
Fri, 28 Apr 2023 14:45:37 GMT
ad
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/ad?jxlb=1&&cid=1783&cpid=492&source=osm&adtype=osm&engine=hb.2.1152&client_id=f4175e00-e5ca-11ed-abfc-1fec3314eae2&offerid=na&unit=1000116-l0qqATjDAK&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&sid=1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537&cohort=--~--&device=desktop&ctrlbkt=000&cpm=0&jxbidid=undefined&adunit=default&sessionts=1682689537346&jxub=2&jxtok=3040021e1391209c3cbca32c1635ce125369e6e1838370ca698850ab0678284c1f46021e14de86af756e9de1d9509b8451eb440661c86e05ce3910f8177068da3a9e&tsready=1682689537346&tsjsrun=0&action=response&stackidx=0&stackdepth=2&vers=v2.1&msoffset0=730&msoffset1=2
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:37 GMT
Server
elb
X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22jTR5KmA4Hx7w%22%2C%22%3C%2d%22%5D&ts=%5B1682689537514%2C1682689537515%5D&pp=%5B%22pubmatic%22%2C%22%3C%2d%22%5D&ev=%5B%22xld%22%2C%22xst%22%5D&id=%5B%22vcbl_grid_outstream_desktop_always_float%22%2C%22%3C%2d%22%5D&et=%5B%22LineItem%22%2C%22%3C%2d%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%22vcbl_grid_always_float%22%2C%22%3C%2d%22%5D&pet=%5B%22~~02~~Unit%22%2C%22%3C%2d%22%5D&at=%5B%22generic%22%2C%22%3C%2d%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&ar=%5B%22https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan%22%2C%22%3C%2d%22%5D&sdk=%5B%22GOOGLE_IMA%22%2C%22%3C%2d%22%5D&hn=%5B%22health.grid.id%22%2C%22%3C%2d%22%5D&sn=%5B8%2C9%5D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
6NabCSO-uaWrdwIU0nlL9pDB1iTFZaXVxXvrDzHHaWvgWqdjOiqlbw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689537517&pp=pubmatic&ev=xit&id=y59ExBJ7Hjg3&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_desktop_always_float&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=GOOGLE_IMA&hn=health.grid.id&sn=10
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
TGrFgK7X5u3Z3qcxlFJGllV_fIcgzfEVUV1GWREzoEzapXAESt5TFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689537518&pp=pubmatic&ev=xls&id=y59ExBJ7Hjg3&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_desktop_always_float&hn=health.grid.id&sn=11
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BHeW2MnCpNhp4DqWpi1h9YlwKO5v7zpOoIXMtq0wrxF3I04YmPfRMA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689537519&pp=pubmatic&ev=xld&id=y59ExBJ7Hjg3&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_desktop_always_float&hn=health.grid.id&sn=12
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
U0c8wIRNMX_rPqE0CLvApiaSwkF0Ay2FNCSaly5d9F5xCUkCc7xLGQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Apr 2023 13:45:37 GMT
i.js
cm.mgid.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=168268953763843144143
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7befbf2a7b6035fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1619 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&js=1&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
stream
stream.jixie.media/api/public/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stream.jixie.media/api/public/stream?format=hls&metadata=basic&max-height=480&video_id=260762&platforms=jixie,jxmp4&conf=fa9afd31c9c8769a7ae23ef3661ac43f
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxvideo.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.133 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
80d4fad1fa946b25a60a3c8edea0548372bb995eb717c6c823e8cbc89064d04f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
ETag
W/"6a8-vlBWE0ntmsEM7Vg+uNBs7MEyRK8"
X-Powered-By
Express
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Access-Control-Allow-Credentials
true
Content-Length
1704
hqdefault.jpg
img.youtube.com/vi/UHYdFIa-JSs/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/UHYdFIa-JSs/hqdefault.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40e64baaecb1167c8b9d5dbf1d845e8a158c9cb58029288052884e46c816a069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31666
x-xss-protection
0
server
sffe
etag
"1677656675"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 15:45:38 GMT
hqdefault.jpg
img.youtube.com/vi/9-5Ta6_6ohI/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/9-5Ta6_6ohI/hqdefault.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f8eb7df3fbe2801f66be5ed819a4330a682799f8b101e4467519bb398eb4d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27569
x-xss-protection
0
server
sffe
etag
"1679654758"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 15:45:38 GMT
hqdefault.jpg
img.youtube.com/vi/dYUt2M7V0hw/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/dYUt2M7V0hw/hqdefault.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4287533deeba3e70ee2ac903b7492a1891442ceacb4bb210169718e206348f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32460
x-xss-protection
0
server
sffe
etag
"1680424990"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 15:45:38 GMT
hqdefault.jpg
img.youtube.com/vi/1W6m911980o/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/1W6m911980o/hqdefault.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d008c0a3f6ff59b87e7d8bfda51021c2bd462c33d66118ba69c3fb9edabb4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30273
x-xss-protection
0
server
sffe
etag
"1677681231"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 15:45:38 GMT
i-noref.js
cm.mgid.com/ Frame 68FB 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1682689537692583098913
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7befbf2a9b9035fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
0CA5C8RY4B34HXKP
age
3392
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7befbf2c6b412c56-FRA
x-amz-id-2
kzLxsGA8+QiQKwPQg9cQQ/bnHc95S+Ty3CuN3xd3/Bl76V8vHx8I0oqBxqdRbR8/KmPEPxdi+9U=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1323625.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acc0b7ae81f59b02a5a37203af5e5aa98664de269454ec084f927ab693950021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
last-modified
Wed, 26 Apr 2023 15:11:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=160823
accept-ranges
bytes
content-length
63910
expires
Sun, 30 Apr 2023 10:26:00 GMT
userProfile
traid.jixie.io/api/ 		2 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/userProfile?client_id=f4175e00-e5ca-11ed-abfc-1fec3314eae2&info=interests-short,intends-short,cohort&accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:37 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
teads-format.min.js
a.teads.tv/media/format/v3/ 		596 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/140223/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5f3227e2e31b1212dae5f7d5efd24656ef31949913b16585233c0404067216e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 08:48:59 GMT
x-amz-request-id
NZPV78GPN7W3JZKC
etag
"e8e9dcdf761d0ebcc25ce5ca8ddf899a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
d
accept-ranges
bytes
content-length
132798
x-amz-id-2
8YqRZQo+aSGKhewZKxmTN9iKXQzzkt78D4oMXNjY+VxxbojuvuRUS5uW89cJ9okTpBLjV5ikMqU=
expires
Fri, 28 Apr 2023 14:15:37 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6955 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&js=1&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18652
content-encoding
gzip
content-length
14445
content-type
text/html
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Fri, 28 Apr 2023 18:56:29 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1619 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&js=1&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:37 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18652
accept-ranges
bytes
content-length
14445
expires
Fri, 28 Apr 2023 18:56:29 GMT
prod
traid.jixie.io/sync/ 		146 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
b68652d8acf44ce2e300ab6df7f41d76a25f5c30e9bc080423adbde4243e2fec

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
f4175e00-e5ca-11ed-abfc-1fec3314eae2
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://health.grid.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://health.grid.id
Connection
keep-alive
Content-Length
0
Date
Fri, 28 Apr 2023 13:45:38 GMT
Server
elb
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=5a7e9638-2689-423e-b1e7-fd3f0e29cb15&pageId=140223&pid=165925&debug_metadata=XPhoTBNu9m&fv=1179-block-sumo-espn&ts=1682689538158&f=1&referer=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=5a7e9638-2689-423e-b1e7-fd3f0e29cb15&pageId=140223&pid=165925&slot=native&fv=1179-block-sumo-espn&ts=1682689538172&f=1&referer=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 6955 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78266662&p=156479&s=758930&a=3607641&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e2d562d8c984b21383db1cbae9e999e38f5eafe67312242b2319f570e8975e36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ad
a.teads.tv/page/140223/ 		541 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/140223/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&auctid=5a7e9638-2689-423e-b1e7-fd3f0e29cb15&formatVersion=1179-block-sumo-espn&env=js-web&netBw=9&ttfb=759
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9d9e3a6573aa8912c37008ecb47117eb9692807d0e900057d6d142433da3fbcb

Request headers

Accept
application/json; charset=UTF-8
Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://health.grid.id
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
366
expires
Fri, 28 Apr 2023 13:45:38 GMT
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FBF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BB45 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9gZyqPG2yvoWC1-4FvebMoLQDf9UggTT_r0XMjlpvJzWf9kfaOZ_XfPKNqsMvDoo-Z1UOzK5ExShNHGeEGpsvqVa-fMg2hexIizDOJX86K5Vf6COKOvTIpXFPx57oqi6gJJCupPXDjFdkq7eOi7iGI8PMydsetZD1KxClusxJXVRDU2dzPgX9W5KbWfe3zBgeaokjNIq5IsvimBja3tKUCgnQwLtUUx00p2v6t3Vtr5ciHbdmH5qpCm-hSOdLzgzBe5q-jyvArwpDYZemfy1NOU4B6ZIu5OhuwZxJutXA-T1Kqy7RBZ0Ch1Q1_Q4v&sai=AMfl-YT6oJyw9rJUlebyAoMoIksHBxohGxKnGS8Nal_89enlaiJQeFzEgr3r2RJekepMMniwE-fEiPnHeU_sMsB1xZe_C069TGHyY7uQWxKgGiNNTL_bAJ1Iyl2WMamAJKbGEg&sig=Cg0ArKJSzMwH4VlQaOxVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:38 GMT
grid_dfp_1.js
api.popin.cc/searchbox/ Frame BB45 		138 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/grid_dfp_1.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
a6880ce1cd4c2cbfc908fc7236838231a254b97f9dfd3b585884439f35beeab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
x-amz-version-id
1nUCVajuo_BQufpuRtjdgzTFikYMIFxO
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 02:51:22 GMT
Server
nginx
ETag
W/"5a54404ec10474ebc41b3f488d8f286a"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB45 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E0D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D01 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A864 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame D2EC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908b02033cb181b4ba53ce5548132b27486b3be34677c7a5670b1c7d0b4cfb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 14:48:33 GMT
content-md5
oCTvrpu3DbuMRSyuNwNHpg==
age
229
server
cloudflare
cf-polished
origSize=64994
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eae9b3666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us9zmbwc.js
tag.adbro.me/configs/ Frame D2EC 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/us9zmbwc.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daee5339da0351f0b596284a85b2e71533e54cea7f8fae1f547c2f1e1aa91f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 05:42:54 GMT
server
cloudflare
age
2941
cf-polished
origSize=2087
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eaea03666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F44E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame 9DF0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908b02033cb181b4ba53ce5548132b27486b3be34677c7a5670b1c7d0b4cfb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 14:48:33 GMT
content-md5
oCTvrpu3DbuMRSyuNwNHpg==
age
229
server
cloudflare
cf-polished
origSize=64994
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eaea33666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us9zmbwc.js
tag.adbro.me/configs/ Frame 9DF0 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/us9zmbwc.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daee5339da0351f0b596284a85b2e71533e54cea7f8fae1f547c2f1e1aa91f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 05:42:54 GMT
server
cloudflare
age
2941
cf-polished
origSize=2087
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eaea13666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 9DF0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c088b4dd0d1a5ccc708e1cdf4dc6cae55b0bf23769b8976adb73512d694a330

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
ptag.js
tag.adbro.me/tags/ Frame AD62 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908b02033cb181b4ba53ce5548132b27486b3be34677c7a5670b1c7d0b4cfb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 14:48:33 GMT
content-md5
oCTvrpu3DbuMRSyuNwNHpg==
age
229
server
cloudflare
cf-polished
origSize=64994
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eae9f3666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us9zmbwc.js
tag.adbro.me/configs/ Frame AD62 		1 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/us9zmbwc.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daee5339da0351f0b596284a85b2e71533e54cea7f8fae1f547c2f1e1aa91f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 05:42:54 GMT
server
cloudflare
age
2941
cf-polished
origSize=2087
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eae9d3666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame AD62 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
635f02993243061bd36f3dc1c75e7a8b3c1d44aa9be7697d94dce6cf453e819c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
ptag.js
tag.adbro.me/tags/ Frame D983 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908b02033cb181b4ba53ce5548132b27486b3be34677c7a5670b1c7d0b4cfb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 14:48:33 GMT
content-md5
oCTvrpu3DbuMRSyuNwNHpg==
age
229
server
cloudflare
cf-polished
origSize=64994
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2eaead3666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us9zmbwc.js
tag.adbro.me/configs/ Frame D983 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/us9zmbwc.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daee5339da0351f0b596284a85b2e71533e54cea7f8fae1f547c2f1e1aa91f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 05:42:54 GMT
server
cloudflare
age
2941
cf-polished
origSize=2087
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7befbf2ebeae3666-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame D983 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c5b59af5b6c86274a718bbe2f0aa1b326aef14e211b10c5a3bb6bdb7762c22b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6050 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Sat, 27 Apr 2024 13:45:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events.php
log.r2b2.io/ 		9 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&hbDomain=grid.id
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
0c394779971f0c21a34edca73b12f190aba976711c1b0f164400413d4a3828fe

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:32 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 13:45:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://health.grid.id
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=5a7e9638-2689-423e-b1e7-fd3f0e29cb15&pageId=140223&pid=165925&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=1179-block-sumo-espn&ts=1682689538419&f=1&referer=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/ad?jxlb=1&&cid=1783&cpid=492&source=osm&adtype=osm&engine=hb.2.1152&client_id=f4175e00-e5ca-11ed-abfc-1fec3314eae2&offerid=na&unit=1000116-l0qqATjDAK&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&sid=1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537&cohort=--~--&device=desktop&ctrlbkt=000&cpm=0&jxbidid=undefined&adunit=default&sessionts=1682689537346&jxub=2&jxtok=3040021e1391209c3cbca32c1635ce125369e6e1838370ca698850ab0678284c1f46021e14de86af756e9de1d9509b8451eb440661c86e05ce3910f8177068da3a9e&tsready=1682689537346&tsjsrun=0&action=error&stackidx=0&stackdepth=2&errorcode=303&vers=v2.1&msoffset0=1673&msoffset1=945
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
Server
elb
X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
ad
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/ad?jxlb=1&&cid=1814&cpid=497&source=osm&adtype=osm&engine=hb.2.1152&client_id=f4175e00-e5ca-11ed-abfc-1fec3314eae2&offerid=na&unit=1000116-l0qqATjDAK&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&sid=1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537&cohort=--~--&device=desktop&ctrlbkt=000&cpm=0&jxbidid=undefined&adunit=default&sessionts=1682689537346&jxub=2&jxtok=3040021e154bed4c83dff2840087df4e6f671816c1b90478917e2d257e76bc2419b1021e11798eb5fab85fd5a7de72811b0260249c8c22c56a26907f769d3b7d8c42&tsready=1682689537346&tsjsrun=0&action=response
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
Server
elb
X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
osm-desktop-grid.html
ads.grid.id/OSM/ Frame 0A3B 		522 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/OSM/osm-desktop-grid.html
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxosm.1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.169.4 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eee7d0e02b19240b6d9fb30de1b6a366345b05adde615b8741d3a32fe3dd9358
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 13:45:38 GMT
etag
W/"63240e8d-20a"
last-modified
Fri, 16 Sep 2022 05:50:05 GMT
server
nginx
vary
Accept-Encoding
x-robots-tag
index, follow
x-xss-protection
1; mode=block
ad
traid.jixie.io/sync/ 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traid.jixie.io/sync/ad?jxlb=1&&cid=1814&cpid=497&source=osm&adtype=osm&engine=hb.2.1152&client_id=f4175e00-e5ca-11ed-abfc-1fec3314eae2&offerid=na&unit=1000116-l0qqATjDAK&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&sid=1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537&cohort=--~--&device=desktop&ctrlbkt=000&cpm=0&jxbidid=undefined&adunit=default&sessionts=1682689537346&jxub=2&jxtok=3040021e154bed4c83dff2840087df4e6f671816c1b90478917e2d257e76bc2419b1021e11798eb5fab85fd5a7de72811b0260249c8c22c56a26907f769d3b7d8c42&tsready=1682689537346&tsjsrun=0&action=loadpixel
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"2b-La6qi18Z8LwgnZdsAr1qy1GwCwo"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2EF4 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8FBF 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FBF 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A82CXRA6aF4UIIw4fPP8P-huv5aL7nkiRRvZWGT_2z7gCkohlM7j7-YOmFJI9xYbGD8Ui-9bNT5FObfkz03RzdjEB-meqaAruMpfk69_3iCLiwGPk
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FBF 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11531820878333292410&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 8FBF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 8FBF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 8FBF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiI13ek_JG3em9GH1MBkr2VzFcWBEo7ShmRNasaI6U1KNhcA_jJly32YaYQLBlVdoIoHy5bIhBqX8Agixpo5qK9ouQqQ
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FBF 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F643 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 69F4 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F4 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkxeJvmGF3uyJ7NfOKgQD3NXA04aSJj2zv4-SfgkR35o40CfrcxCVrg4j8ciGZxFh6x0yEGwnhqrWkRoYF0nyGyo3y5JidYLV8PkGFUhQtxAXT3wQ
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4042712434472144281&x=1&ct=77
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 69F4 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Apr 2023 14:10:57 GMT
jload
pixel.adsafeprotected.com/ Frame 69F4 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=1009944722&campId=19225653338&pubId=1&chanId=285585637605&placementId=486176248&dealId=&adsafe_par&impId=ABAjH0gkkkh-aRCAVXF9uRErkx-h&bidurl=https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.248.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
77c4f243280e815a8a4b843b3cd3e49b711b45c6fbc15ede1169270932f33510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 69F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 69F4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69F4 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E3F 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CC52 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC52 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgfQuNzlmsLdrMq6fHCascLdX2RpoOGQ1zjs_omCeEMVFELWyvDe5u_g95CVti92TymiClLZ3QWuYK_ce3OG0JT3dBXhUnQLgkiCVf3Ck6AEgDykk
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC52 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2213676487666267528&x=1&ct=77
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame CC52 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079147273&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCfDOTAc5LZN68GqKR7_UPq4iiyAf6q6KVcOmpnrm5EfiFhZ4LEAEgytbjH2CV4pCCoAfIAQmpAsvnIKurbbI-qAMBqgSIAk_Q63EETf1Wf2rtEzRaDlAogLi-IMF4Ooda86WFUOTgtcedo6GK0sGYTz5OjadjQv_dSJWYz29qFgZNXS-AsmtyRUrybh4hocoiy25ZI_9r5hLy1K05NoDfjb0z9GUM2agWgLyWEa5GEekWshoustY27GGX1X7X5HKLle2SuTaK27u-EcsU0QP96xMgCyJwk0E0A7FgOeD4DwcKx6rTEqT3UzWlcb6Prii6O5DAqZSGiacW_cX9MH1PhWvetls6wR-bH30VrwWw0l4Uvg-Gr_0ZNs9_gEHxPHJMD29OLHQPCf26Z2NVN010D6zdS6s3reK9dNhYVG6kMT_wHU8k3pe_THvp-7VV_8AEnK-RvagE4AQDkAYBoAZNgAeL16yLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE6ftlRPYEwrYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE%26sig%3DAOD64_2mbEy9ZNln7YpeR5GUxwzzvp1Ytw%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-BIZKDpbp7LS9BgdgD_mQLqfYOYfbm07Ig8GIqAGNkDZVtLUgEsiP31dmnuLzpB3rh5Lnz_PGl2Sl1-D40ay3OAL5P4zfQmGn8kVyidYgOFLRDeSqHZBwstC46GVGQoQycmSfT0cLwuukC6kSDKVQfC7rvfxwo7H8EsID5vJzU3NTdNcSw%26cry%3D1%26dbm_d%3DAKAmf-DxbzoFRELfH9dQdagUr9qafznHbooUq7YzOlMwX5OxEubKiTXETiHgaX-rTYkSr-lKeyz8_F9qIWBDcQFVwsXDoFelVc_I_rBobjE88RI1y766ndnsVSYGgeDlRWHEOjC2Xd5nbVAXwmR8dqK1ph00pHvP__YSAfgtc80vqgeg19u3O9BhCRTstQjh-OLa7wbIzq7TZC35KAHDbl40R8-5jH_obm2HkUYeESabFnXq0lkcIpdIPk14rQPL599kurAwobWG5WboZH_THvK78YN0AkDBGTGIv3-c7Hrg1y10mLWrqSyFtRZHSNC3L7rTZsbDBXtDZ-e3yq8riwddPr4h9gfc4CdjT9XnXMx-LtSauz5LqgoU6iRawK2AnUNiAQ25ZRAnso9veKTgGv2JVk6XVp8fV6W2ik7u4gPLLrnJmZ-eFpzvyaEKw_Hv2jdx8NjXbcvYeJrSasXNtzEiVuYe2CUvRe66_s7SpkGVufh0ioKM_J2A7lk0BIgP4-xkts38wm-VAFMKcstfDDYLzW7syQWVH2DgbfKZhdI9iriZtwkhk6Qx3jDv0O4sCay5dPlkGTROMDFi1z9SjnlEOtPVvLfnuUNsLLZh0mnQh0jTakoXe-U6PcUNbQHu9slyT-2aRJNI6gEMipwlbvrPlLNCje2n2DLb3l5seot-l-vBqkXyp_rSj8mLMCTazl3p6sDwf5O4%26adurl%3D&e=0&ord=1682689537433758&ifrm=-1&z=0
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.62.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-62-215.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
73313bf72936d61d2cc21d5d850e94789f26667d868926fc0272fe1f62db953f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
5771
expires
Sun, 05-Jun-2005 22:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame CC52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame CC52 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC52 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1619 		27 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&us_privacy=&cb=1682689537953&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-4-28%2013:45:38&ranreq=0.5244175081802485&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607641&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=0&gdpr_consent=&js=1&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://health.grid.id
content-type
application/xml; charset=utf-8
x-vdbg
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E25 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6E0D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7SaQ7T_7V_wE3bS7qgm5ISDDU1EM-rYI0P9LeYH163J1DiQYeL_T-9gdnQqE-osA6kADHpYVaae89nEIjJRS8vtGphDik-XEjJa2oBO8Y0z5Yq2s
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9861339183145736918&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6E0D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6E0D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 6E0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgratLm09GiW4XkoiRxA911i3lPliPzB4UNeCHQD15anke0yb0_GQOWcO514FfZO-ypedjhRAzrKUhzkXrhLPtSg5zmQ
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E0D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A9DB 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3D01 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D01 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1ixcCjMA9Gi6EIHrkj7LLiYll7QVBT9hIo1OZ36Y9vh_yyr5-QmoGvorxjbGPHYt-zMovn63ZBAhumczy2B_orrseMopFsx3psfaUwO92BQwnujA
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D01 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4731035321920341819&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 3D01 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 3D01 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 3D01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYNPczF37yZc5uLo6AOT1R_WlaqmkH55orWuG3uPMDObkun8UVYD2Qoo9n8XM5NW1xg6IC-lKvL8iy1NIRAj3-3fOqOQ
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D01 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CCC6 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A864 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A864 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZqbgzWhED_e3Payl7FOh9_o9LNtAn33e8tGpQdj97lLdVwTZ12R8QdraGBZr-wmwlGH2d44t1Rr3Xmn_RmrlMwZEA9epg8BDQAzU5Ckb4fxRvlF4
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A864 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13957174342427459054&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A864 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A864 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame A864 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvBJ87ma0k_r1XOfb3KSyFCvQIcgmRifKcNMR3iDNM_oLJFw47BFta1Yu0AOmbRQye1dpMYMUcE3ASkfC0DObKhsm3AQ
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A864 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
css2
fonts.googleapis.com/ Frame F44E 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:34:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:38 GMT
css
fonts.googleapis.com/ Frame 7583 		9 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:32:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7583 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
63393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:09:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 7583 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7583 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7583 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 7583 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQQb_KpJnAzCU1c1yFdwpzTRD5_VqCRk1uMHU8k6UguI2nU9T0BMSEvpIgvAXJesbd6x7oa08LMu3fTb8A81eHbQce-w
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7583 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
dc885651c24f3a38cf2b2dda4c5c7197.js
www.gstatic.com/mysidia/ Frame 7583 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13586
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 00:18:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:33 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame F44E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
62021
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8031
x-xss-protection
0
server
cafe
etag
4566461469134147509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:31:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F44E 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:21:48 GMT
x-content-type-options
nosniff
age
12230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 27 Apr 2024 10:21:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F44E 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 12:01:10 GMT
x-content-type-options
nosniff
age
6268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 27 Apr 2024 12:01:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC94 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6050 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6050 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcZRM1YHwLYWXSQUX5ENQZ2NBgwDLAvEfhqRXQyU2Ul5xuTaO3XajOm-uPmPZYrqGxU2s2o9DlhpqPVOWrBS0q3PcXEwO6Hi1ZmmxYGQKEM_iJi1w
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6050 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15021870031130156921&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6050 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6050 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 6050 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD-4hZwUryBJ2IY9-BVKOxlLdhX9-TW9CYCOUYIQpOOGkPSBnQe84nmS6tdV5IHFt1y-xEbuQB8iinzeRjfnG7OH158A
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6050 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 45BF 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1D02 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D02 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcpxM3fCHVZF8JYhMoAxYXev8D3lZY6liHBsbjXytqSAsB_pDC9gqJ0VcO14ZAzCy44poL4qypgYHuACJEbou7Va03Ur49TpQyZFoxXAKqMr9Dosk
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D02 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1328212885567866527&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1D02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1D02 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 1D02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_C2QjOiawb4FpOFV9ttXOj55ORXFd9yqo851q1CH_2CbNDgok0CAP3bhaMvdIhaAlfLlF2JLcJPYsH-wnoeB2tfOCtA
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D02 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 80F9 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 58E0 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Alqxr9c4SYWf2JCsnTLaFxZSoIMmyQJYQ8RXcf1Iov9HRxCC7WuHN6p2YlrPrQvFvu63OZyr4oHfYKH9LoTjN0OwqkGMp2mFkRfpjsWqbMCpnyydM
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18147356951416574260&x=1&ct=76
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 58E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 10:51:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 58E0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 02:01:09 GMT
l
www.google.com/ads/measurement/ Frame 58E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiWTXH90Kdkijmxrlr9kXvCdq9XqDzf70g9SMMIxr3qVUB81s36kueAONVGuNoRG8RMcGsD6H4ZCg91K5gEUhhP-r2wA
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58E0 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:38 GMT
x-amz-version-id
NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 03:29:29 GMT
Server
nginx
ETag
W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status
HIT from 10.252.55.26
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B4B0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 28 Apr 2023 13:45:38 GMT
Expires
Fri, 28 Apr 2023 13:45:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x27 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 9C0C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924902158651
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924902158651
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 28 Apr 2023 13:45:38 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924902158651
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
simage2.pubmatic.com/AdServer/ Frame 037B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:37 GMT
expires
Fri, 28 Apr 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1051899
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 868A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2592218978760150537
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2592218978760150537
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2592218978760150537
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame BE1A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 28 Apr 2023 13:45:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 287A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 28 Apr 2023 13:45:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W5HC9A00QQQYJA7HFGKF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 28 Apr 2023 13:45:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q18718K7VJHG50RB47PF
Pug
simage2.pubmatic.com/AdServer/ Frame FF62
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1964985283929887858&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1964985283929887858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
dbf4a680-b93c-4931-83b4-33c234223c02
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Apr 2023 13:45:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1964985283929887858&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1CAB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7227096539328018578&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7227096539328018578&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 28 Apr 2023 13:45:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7227096539328018578&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame AE07
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zKtlTCigX41X3G8JA6eoELnVm6Y&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zKtlTCigX41X3G8JA6eoELnVm6Y&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Apr 2023 13:45:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zKtlTCigX41X3G8JA6eoELnVm6Y&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E29B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFITk5FN0lsNXdBQUNJVFoyRWtoUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHNNE7Il5wAACITZ2EkhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHNNE7Il5wAACITZ2EkhQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHNNE7Il5wAACITZ2EkhQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=9108829653269371145&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHNNE7Il5wAACITZ2EkhQ&gdpr=0&gdpr_consent=
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHNNE7Il5wAACITZ2EkhQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 28 Apr 2023 13:45:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHNNE7Il5wAACITZ2EkhQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6955
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l_-Co6w_Rme1luVM9s3LzQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=127117
accept-ranges
bytes
content-length
5554
expires
Sun, 30 Apr 2023 01:04:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 6955 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.133.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-133-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.46
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 6955
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4117176533
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
via
1.1 google
last-modified
Fri, 28 Apr 2023 13:45:39 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
date
Fri, 28 Apr 2023 13:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
dmp.adform.net/serving/cookie/match/ Frame 6955
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjRpVmRMRDlUY0RUOXllbjAwQmJpdUdrZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 6955
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTdGRjgyQTMtQUMzRi00NjY3LUI1OTYtRTU0Q0Y2Q0RDQkNE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6955
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENAcRXxeBaq0a0alHZKSsbg&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENAcRXxeBaq0a0alHZKSsbg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENAcRXxeBaq0a0alHZKSsbg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6955 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 27 Apr 2023 13:45:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6955
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3752914814332197283
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3752914814332197283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3752914814332197283
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 6955 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 6955
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cnqoF_RE2uW4.9FKQ_dan5KF6HC3vwc-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cnqoF_RE2uW4.9FKQ_dan5KF6HC3vwc-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cnqoF_RE2uW4.9FKQ_dan5KF6HC3vwc-~A&gdpr=0
date
Fri, 28 Apr 2023 13:45:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6955 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/97FF82A3-AC3F-4667-B596-E54CF6CDCBCD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:5e70:3935:160a:9425 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 6955
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e616cc88-289f-47ae-8ad7-41f6bb07ae17&ssp=pubmatic&expires=30&user_group=5&bsw_param=293c98d6-19f7-4952-9174-80bcb6249ac2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=&gdpr_consent=&gdpr_pd=
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6955 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6955 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
css
fonts.googleapis.com/ 		2 KB
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ca2c160a099c291e1cc41b9d7aa5f574b5d80b5d0ad54669de94e70e59e65ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 13:33:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Apr 2023 13:45:38 GMT
260762_426x240.jpg
video.jixie.media/1020/260762/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.jixie.media/1020/260762/260762_426x240.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.23 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
8516e0afcb0600974ce6ec6444efea1518b957fe79a0c91a572ed2527df6ffda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

nginx-hit
1
date
Fri, 28 Apr 2023 13:45:41 GMT
via
EA-SGP-EDGE1-CACHE1[8],EA-SGP-EDGE1-CACHE3[0,TCP_HIT,7],EA-SGP-GLOBAL1-CACHE15[20],EA-SGP-GLOBAL1-CACHE22[0,TCP_HIT,20]
x-ccdn-cachettl
2592000
age
2373858
cloudservicediscount
CDN
x-obs-request-id
000001872DA85C419815F15D9AC5693C
content-disposition
attachment
x-obs-meta-s3cmd-attrs
atime:1677657127/ctime:1677657126/gid:1000/gname:ubuntu/md5:3bcd447705a92f5077e02db86395b8a4/mode:33204/mtime:1677657126/uid:1000/uname:ubuntu
content-length
17599
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSw9jWklwxw2KPwmJd0ufDBX6T6KUcAk
last-modified
Wed, 01 Mar 2023 07:52:07 GMT
server
openresty
etag
"3bcd447705a92f5077e02db86395b8a4"
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
x-ccdn-expires
218142
accept-ranges
bytes
x-hcs-proxy-type
1
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
545723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://health.grid.id
date
Fri, 28 Apr 2023 13:45:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
truncated
/ Frame BB45 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3cb26cf3f96f84c1ee6cc1abb3c84798e8618313f4371ff3d76ce6b5b4aff6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0A3B 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/OSM/osm-desktop-grid.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aae7aab0d95de1b9315ce8b1d01ba1366cbf4be59751ca43f7cc08d1703707e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24783
x-xss-protection
0
server
cafe
etag
569 / 19475 / 31074188 / config-hash: 15614866056795520360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:38 GMT
rum
dsum-sec.casalemedia.com/ Frame CCC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CCC6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CCC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
90555675-7124-4bfc-a728-921ad358e036
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNXW3y620DHdvKrmR6t8A436XgF-2PAW_QM5ESO5VYDzNEXMGAsjkE-lv0Apyo6bwbHAAP1iv-nCU_mhQV4U_QeJBsieGE6O7P5QLX1LGK9EQixbfCLxfAM4g1UCwskDf8hI6MKqpOtCBYF7D3RlgE-rIL9K7e0J8PYkN2pE9HJuTZ3naOY
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d0e544fe-d528-4611-aa9d-cf8401b2ae28
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E25
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1E25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
3dda4974-312e-44ae-8489-abadfe5b883b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1E25
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNWwsas_W6TEB0YwK4SGbIZnNEUYR1evEdAJx0Kg8JLO4KMftMJxTP5WD0pn5bMu3pO3A3y_BG_lkPwAE3_QhcjN6pG2aegyB9OTvJV7At7q9L65O1tBlCaO4xeiCl94DU_vIv2i3rSyWU7Kb6SnzLILhs0MEf-fo50H9q9ynIKvLTGGbfY
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
162ca807-c973-432e-93f9-b1bfa974163b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2EF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2EF4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2EF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
c901d1f1-f699-44cf-bee6-3cdd3e1ab3be
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2EF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVuFe4TakF7JdcsTt7JdZOEPGJqD2o2Yk2cyK7Fw9snvTkq6u196OgRdsb5LHlFhETN-32MKy2c_H6rsERvxe8VsnImprOvGLj_LNQi2rz79l--5ScdSgspMaQbN0x-DM2yzk5_k8XDRYIUTl4EHDs8oZIuK8RPXnBTXIJPDibj5t_bXhs
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9d038365-ea7e-4812-b3f8-d016c292ca2c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0E3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0E3F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0E3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
07f7946f-20c1-4e40-9982-ac47b2f11606
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E3F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMY1c255gEwAQ&v=APEucNXrPQdUr7DPwdXYHmgn1mV1WfRG-6jo_aEwMBkzoxCA74XwNJYU1TdhmYruJ44gAx1Ca2yZl3HBq_ASjwiYbk9qHxBjGOYy5rH7tO4cfHxrHVJk_fiyuef9oJnmmXu5JLf3rypQRfgOY6jXIHDq5XrMlyymRzBirYaV_E9qz4KfQH0-JIc
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8abacbb4-e5b8-4a8b-a649-70ad9481c9d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A9DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A9DB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A9DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
f270e84e-a037-4179-8cc9-a8177928a75f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9DB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNW0CbCldiPrT9SBnb3VYYwgB8Dw7zCmydoQFCLNzBXDAh70-8twoLfriLQRH-9njmVbtREjPqj4ldEibXzoXjNr6cdqNS3M20iouzOAwTmTBI4VbHod8Ehz6NTHycVGaLNmeUNGNim8R3iKak2srV4wpOtOyU4LQPN-LG7TCRcnvBXGTNw
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
08487ad5-16ac-42f6-9311-302d0c2a19d7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DC94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
9f330b6b-a334-4cff-b8fd-1a6cc8e7ebac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC94
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj5n7XcATAB&v=APEucNUBh5TFyvh3Z-6QFFHFkK6mCAPPxlDlGJnbqiUzOC74RUuOlVgwAoTFjai7tP1YfHdMNsPwm5YkxAXZzVQ_Y2HZPBbNe923VwfcJF_wvoRnUUei891Yu8AClzPpOlxlNr4-Fpm-MlZbzhiap7Kkk9qpWKHBBXDKXeO_Qi00epN8UsVY1HM
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cd832dd8-9e3c-4e07-a4c3-be9a91dd37ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 45BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 45BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 45BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
da7182f9-45df-405e-b11e-41f702ec48f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARifrIPjATAB&v=APEucNUN3Mdj1fQfbnzpTJKwUbSiQBuz5_0e6QjeGOpKtDn85xXM7hYeOzcB_OOTYp7FUMKpt2lLXvPhDD4p4ElYzcnCyIf7NveFt89ub8_SLfFlERHa689VNUvMAqY2Yw0g0EAnvb-gl544_njVlS7hibjP-Xx9HlJIvaMRc7NMUbHnij78imU
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
89ae2bad-20df-447a-9696-301f2fec06c6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F643
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEvOAoxSpiB3FQ.f2VeMywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEmFLH5wORAFwEVuWjI0aH8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:39 GMT
AN-X-Request-Uuid
f806c4f1-3364-4935-83e2-94fea8c36307
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIbIaq3wG724Wg_aAgJmERk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F643
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCy718Y-Ovp5wEwAQ&v=APEucNWp4fEgJwQrfQbtpmAR_NKYiy-P6TD07oHy0nrY1kKk5K2bepkNiIdUD812KOHZjj6Jb_9ACQY8T4eLZol6XchSTo_NhmtZfWThf0Wffdsn6inbQ4WijF64xReastiS6a1QYtbOx_HiuUR5UAg94NuxUBNdVlGkPFBIbm5ORqNtCXeRceI
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0725a4f2-45b3-4ebd-82bb-082922523be3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk2NDk4NTI4MzkyOTg4Nzg1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 80F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyOL61UUuQAfdWRZX7VIOA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyOL61UUuQAfdWRZX7VIOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyOL61UUuQAfdWRZX7VIOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 80F9 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 80F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECipZo41pE2YsFfXUbTP_Rw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECipZo41pE2YsFfXUbTP_Rw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Fri, 28 Apr 2023 13:45:39 GMT
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECipZo41pE2YsFfXUbTP_Rw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 80F9 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiKp4PjATAB&v=APEucNUHv0r2fcyDZENLq-Av1VdXLaYkU5p984CtZ9-apcqEKExoJq0Y6YG_BuegJGv_laUt0baic1H1gXYtZ20DkPZKtemDPAgxg8bt97vKIYObwZkMBGJqsa2G57McCm4ngVUSPG3UoU_ZMyWsVQ1jcK-73aE9SEzIp72ACMcG0DdFmhD4Cdg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Fri, 28 Apr 2023 13:45:39 GMT
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
track
st.pubmatic.com/ Frame 1619 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156479&s=758930&a=3607641&ts=1682689539&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
231.json
id5-sync.com/g/v2/ 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
3ab37db23e8db8ffdfd3daf6a403d1a8a4a4aad438fc379a72bfa4aa18507ad6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://health.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://health.grid.id
date
Fri, 28 Apr 2023 13:45:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
545724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
inline_image_previewjpg-20210920013139.jpg
asset-a.grid.id/photo/2021/09/20/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/photo/2021/09/20/inline_image_previewjpg-20210920013139.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-91.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2420eb3c442320b1f958bd28fea988c51332a5c80dda35aea85427148420c67f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:21:33 GMT
x-amz-version-id
AslGzyKKlU9UTVlWd5Eqw3nEIAmunuoV
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 06:31:40 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
age
131046
etag
"8f75f061e337f4d43aff1f6bc6fedbb4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16090
x-amz-cf-id
DyRkUVcEGDB30AGgg0lQDEIRavWbr2fq4faUdCz5-e2sQCYWS18jYw==
expires
Fri, 26 Apr 2024 01:21:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1374675650075&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1374675650075&version=m202301230201&ct=77&x=1&cor=4042712434472144400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 69F4 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU3oRBbZHChm_wY23HpnuMSfIACnZ73Lvm5DNdNRamFuGpvg59mURdlQGzRjeMvJmQojMaL2aJ94Qf23QEJ-tNOfHgD6cMMXdv8BXYnpiTTLqVCqzwk2Zg3EmqFBSshLPL0-_HLxXrCzdtNXVYHkfVgkiVVuzlCoAZW7-dUz5vvPJdZnc&cry=1&dbm_d=AKAmf-BzSwuVpamvFpM9hwdcNIclUhWX1Bu6a-Q4YjcA6lAh2cy48Idm3LXXAqyfWUZPXi34M23QoJ0bcEHQRcDKmWrUXuFVDpcJaJuZP5Y13FMYj-EjrSPaSMVaVYFWfA3kvHcomADe17z9VC6VFCDO8MaY8WO7ZmvSQu16_0ZShRiPQYjmRtlnTeIcnwXdoNJgRJ27pR_cg5YqqfZkh7KoA0g8UjbTHvezrEZhT7Crt8LA_TRwdilg9X6PHk_FgnE4g9plDhBZ8saYEE-FkDlOwAhw9sFWw522Z8f9ikftfWy0_ENrvQFmGeiCOv83aiDBkOUbC68Tux1lDo4QtU1ixfWMoUCCGuQJRuRFIzTJ2EJXa8tAJOYMD80nubuIhZntiqsnS1g4IgvI77FjA-iDOzm96tgjw25jUck-f-Eaax9n8Hij4QINvB6TwVLCFwHCx4tTdYs28S84qKePhfuop6S1CeMUhhS68ZAjhqxMiNDYwX9uvewd1I1NUqzM-cHnhcJDssFjebigOw0rl8Cvyc88Nkr0sH-bd1cF0gcDrBTXx7KELR5m8engmbJDZO1-TI3wm58KznVEful-PmDHhZFFG73L_ob4WoogAgm-FizL8KDnexuSbZBfWUoUWXPKy2eUhgn0qeeIBXXQOBnJ0XkvfMIQEt_7r18ACZykvqP4-iOWTlEyHSF5BIKQ83rbGLqjwHXuzQPfEjCnUsajtQBNEUnqoBzaSIGILaUA7PVOy5LpRB-cpdV1mug6LIlARPHU1NN0_HDAmAnl3RuYMSS1Gi1EdyV4PuAFhfUzzClGeLX6QMJeM-LbPvk_TQewOa3R86LAm9f-xky4G2IKd4EQp3uUs_MLP4YnQxakYLHFjqcoabDLw1C1XjYTYGMt8c1zwmJWSuT91RKhgsD_NzKsF3kFdoeYz043GihCeIrcWQNp45FAqIsj1BpGYmjcT84EXuMYfptDM968H6V3uMWH66ym6JmPZRYOwKcxxQQaAOtsgjko5tsdTbWmUWLoQFIB1wBOvPmbF9iKqag6bZ8tUl-2GHuwM3upK8yioqFq24MWXsQjMn_7XCOi4ie2HZe_zUwzJly2lBh79UFk0wQIc555A1Jp9DeOBdeyT0ER8fYqEaQY-yn1RE8jgkNafvDAeX-DVnhd6XQdQIzuyMcvuLHjqBKHN81OseXni-HcelR8eSO32p7ys0yv5CyiSi5HcbEl8sQif6dd9jTnBlnn4yWMu-W-I_aTYUD4G6-3OY9gwB7GnX_DjCl2_tmyKG9v967YTBqk5ha6z5VnY0QvFtymlSEYeTrF24cM8UAqCzpJtzcuoFBOGxHQmPxUPz0vDhl7DDEpefqBwLGhfPeOscQKwHGfcVd1i4hM6Mbg_FulHUUDFj7d4ikDSg9yw8Q_s7xB7wp_NngRfR0RZgJLRoO-slrKfEa620cRjfelJHyV8Lv77XGu4WD7sQ0jvXs6iNESX2f-CZgkaPIRXfvsfNMVD1mfXhlzB0ec48xO_JE5D-WzmKjhKZuc8vZHhQiyBDIZXmW1sGUK05UkQp8CpDq5-VlNnCij9ZPOKVY6jganKjMtskwVFMoobrBPm3zVfvXZXyA449gzGX0n4mBOnQw7TVPL5xBMSdCjMzbsmWuzRJnf4x-KZadkCPFjEv5GkBwqDPaabvgfMIBBVszdi0Zls_dOG4xvrwpxCvUvBWxIdlRMNQu98Z0moR2iwLu7PM-B1qneeMBQYBwQ-UuVWIQx6StdZBjkb6W6ZsRmb7ip1wGVCd4gDEiqNGX5yP4RLeiA_Pxg5QKhJ-4mpfqgJGHKpGLDwUAk_vCpyuL6XqDmZAJTG3R2b5YXAXHbP_g5NfvVjF4CwnEXabIuhbrnXCFsNu25eOkPBYI6UTtylGyEDzLHAXcuXDm44Dxt6nAX2T4HkTtcPGYMEdZ1Cfpspq7gWfo5XJd-abl0Cv7fm5v5LN_GaWPm53_4VH1Gvzabg-UalzLQRed76T18v8AQQd29ac398QCtgFZEa8i_piCZ34elRoC6PVoO5WGYECUkzl7UW4Cw3bbBubF4rtzGVMlf2QwNtAEsLvKjBminqnV8sv7UlTr3jLryUw5Bs_6_M87BglO0-K4V2s_z2F_-muPjK3NDqeRxxewxbSz9PGEagkhn-9nliJsvFghkYvHp0ZwnmXbbQAeKVQsza9b9y1-X9xdVmdLIPuOKuS1TWQzbYefZr_ClHDAaW5c1OkYrVMptZqAqt9b2gfjnRRAvS2WWfD7Z7gEmccOWBGylVBDevH8vAoyJxXJnOjlHesmVYnTWwTFefL7l1giDg-pqzpopt_dNX7eY2CTDaX-KobLE2oIJ4-PU9OZBowLc6w7WUaqdRMoP4-Ra6JJwM91ghCOhPWlNzhW7EjGTjdO8CwkyMvhoD3y-In28whNYHN2Z2kU5dPmI0Q9xhh0dHO7Ql5Bb7WY1_gwuJq6E3cNPcpop7UiDmaLsicMHDBeBB3TiDVohqgguWQqPEaAHZkTBBJ0e7KN9MfQPK6t0oiGGYOiOUTbVw1NTZ95ljxPAQZNfn9ynxaHt5YX6NKw9qz0ry6hRUmJw1wiwO-BKu0zjg4wjXc1CvMyziAVp_3IV2gzfjmgdcEz6i77r1w6CieAQ_HYbupVfXeABdjPe_Nt9oFcK_FhctXvS5lNQ31_djNjF3k-oloc-BvTfziz6mbkGe5hCCKlYeh7dqPbxC6ZvrUc7om3MqGxzRhrFj4DnYShloxN-kQtWPucLtVO0Qq8_Lmek0l5HRD_4JRkX4zi6i60s39QNYph1cEGTsfMVm5px1LxQKofwViDhG4I-H4WMIAZfoQH_hvZiySCcVp-HNWO6PdZS57LTom8Q0I4-bk9AaPcRkpv9rzUPrdOFQ3ZTv5_RkceAmp6DFboeWG3pA0mNzCN4Zm5GNkbsaDMci9yrzpLC31YEzalCFaRD1-qHyN329kb7Theu5MDNvuMCBUL9mI32ah7euJwbvhiJ-W0XaDG56TSGH76WhQTJzzuqxRBqAUtpw90rG3MjLN2AlXoPBKNLwpQMxqWAEwnbVEsFpd83hNnfZiMxTYjxMe_2cXCGYY9-BpP7lf6fRD_WpxNmVFkznZgk6yrxrqLdgdUoMamgbY7zrb3XaMheRukHOVa6Axu4K_SSNAWJYQ86wb35OvTuBGnKNgzH15U0hgsJ6jzYMYLGEUJ-ZPl908qji_Svb6qypsL4oxDe3gtuBTWfhBB944CFElf7qgDvFkLYGeDwT6Ohz8_5qs7qBDjnLV8uILEhEVVn8PzVRtXEU8J_d5eXKzQ_F7RaqVriUdVZy5t0a1wgmOEAo71q2CM61p6hxICFOS3j9hQNsb3cDhljnVfE3qr09i0rPqDTua8zLsn2c8dMRB1A08PJ1v6ixyCDx0_mih7Lk6jYKHfkKPXFiHOVnOP0N94J2k8-CwzZJ8ZM8W2hqC6g4eTh9lu7jpRCSIPukGXilfQRtzCawQHEz80H4RQQabmzyIj75xs2G0yoeKJLpehcbck19Cumc62tj88YdoVs2WQnNpT0nUrrCYMbTVsQE35rIWFtuIjGAUTU&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4042712434472144400&adk=943508955&idt=225&cac=0&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc13921a91dafac60dd05306b23424c5d618b5e3b1a2c5894ef71864a879d575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16931
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FBF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6334816612877&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FBF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6334816612877&version=m202301230201&ct=76&x=1&cor=11531820878333293000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8FBF 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO02-6NvbIdROsc10UJBJDg1_E_dttED2K3XRqfUbhic-nfU1dADVh9mxPuIZTifONd5gMIGKqMcZpYPF0u-a56SlDp9bWh6TAVqw1Stkw8YTKR2hhsck-O8AzYqCp0QzwIIw0uWgcF_08Yrdyz5_WN-ZAFXsM3RDOJn-V2aufgXPZUuQ&dbm_d=AKAmf-CicySAJhdyblkCdRnl2-8q-e1ZrhaUGKz4lY2_iN5wGbDOwpEaWqxFOT4TCtXeRtgLe905QyY9wD5sn1hAC2BOgwJ6TUYM77YuJLf71wwjroQGFQLn9EfJ-KbQmBkG192C_zyqOi6wM5BcIsa0WwrJI01CnPpu2tk6C1oWGSz6l0Q05KAqpy_edkkyEcgiz5Y7NADjrGZYIFW7nKqavKFt52YuQOGZuCTy6lO_DXNhZWGr1I77h4gQ8UdTz5Twz3jEAIiSf3dm54xUTPmBmDupk22ylQoGGqJwFZWhLUuqZmUd6kLNx27xZg0MMXRza9yIzcFg_2fkg-pw4QeJtwxBnDKiKgHnRCYrsHIjfeo24k6uMuvd5JCTAJWd7Xlze4TbL4_RIUdNoYcVRAcQMwo-H5P4-B_4ZXTOraooblD3-Ynn6-MK-2YqNBLEF_H5rcEMnUWFbgTnGBQLhE3QaEvp01208k7ArspECI1rfcyGxyk2TyAM3bOu_Pptip1MqV6XJ0kkT6UDLy5QUB4-NK2ZMIt-r7MSN72HrGZaKCV7UzKcR_Ws2IZtexHETKQzTHnbx6pOfyD2-h-0E1fmiBTL5i0Q-JHYbKjLvb4-0BzsbXeBZ8z8FmOpt5iIfaLAZZ1mUsbzabva7fwU5gaT5tIuSsJY9EVdyRZd9evAYoj65nT4ZgeFERTMXCI0tZ3UVi4KqXE2M4uv0R8WRaEUiUcdmF86AT_76Uz6zm2-aSR79i7xvjHWkNfO1JPm3eTq1tqjLL2JxIfjcoOjm0k8XG7M6eEKR0OB0cc49Kq-Kx0BVe3kD6U9YiDyHlIiwRg9LBeOWJJvRMndQCXMlf-zci2RtydV3GKAK1L_zfus2Kolo56rLPm8tkrIXtc81swD5Ky908REROk9Diox8s-WX7Fuy7DrBVBH4jZjBDNXUp5kYBcokkxLCWGvc1pstptYdPOhE2Iv1XAPw-LgPJwamHMvJctgoeLby3iNlqB2eNK7PTsKoJIsPMN-CFqgteSO_SA4o6WYIBXU6ixKcKeGHJg2f60NtGK_u6vdAa3WzlTljmo5lHcOBX-qMOpUaTEXnlx_IC30bRBfDzuG5NMRi-a44yn99ysx0cSsmDzqQAx_PE-QwbjVnlMhj1FkcD9FEF-l9fJcbNN8L15A5gUUZntWSjkqvqJKGX9qWzDNDLBQtFffUQxxznO21CiFGi4mUpNBuAJyRjAX45iyFCJxmrkTjB_HRLvWYYK0iSINxefDKIQfw_OPGaRw14LC-0k6e3yUNgi5N_42cuuJO9lURiZ_Z4RPB66CwuHqMd6BSias9R31dzvc6fzHlEzJ5KRZgZ96pguy_uXewdhIQz7heImjbqRaIPQbW5cBjSOGpQd1dgpe6_eUjt4P48LzcZwo-v0yF2XptBQsNRRjZrgsDkA1UU3iFtYca3k0kBhKKekad0gVJHZhvBWtE5Wdobxuh-zZNsiYWOTKISrFXXbAoSZn4yZL-HskbdTVZwgXqCUUpFJKntMjG2TQifq_Hj_vhkOWx_aS7fmeBTvom5uLoBq_rD5UFFepfnBxzKLBTex7ixmjklB2CKwdr_uKmB0oF7ID21yqh7HoQeFLDdo48KPo9ubR-9XJKxNN8ZEAgU2joeorcrV-bUCnthOpowzO3ZnoSC2ch1NjYS9XOdsalIrletZi_I_KHaRE8ySQdTEopOzfTfCqhA4MDfLm6KZyTMk8555CF9Ko_YRIwGqKVe4yoHho_doMOn8fWy_v_QGht57BHzp0CZHaVt95bKI9Bol6u6e7EVRijX-X1zF74ic3iO9HpdYr09jojQ713uahI-l1e115y8E_eo0kDRNl1eK2SkREoR4EckXui-OT1h0FRqTDdau1T_rfzIsyrkiqUQ1l7KW32P_6qCtJr_J7wlDDKjuR2Z-Ho8tjTpia96rHcuakd1Up4In0ClW3cMmjQTN4P7w5X0OnGX-eS8OQoCuyz_sv6vPkKdKiwUtV2TzrtG1Ka38AI9QhQ6wadHWuATOnt5YQbbA407VzPpYqXxiu557TAWOKR1HdMfwmNZvYhBpckhioDRcamxkRrhIfmpnq7RoOFaS-7NKKlOg9OaWqfyA7oKkou3ObGcCk2W3a_bk23PKHei3PzVbXJNcOVP1Sy6HyT086H5WRD4JRvBOyZ4VGvEpeXP7_LIVLp3W934LgLByg4sKwDFHIb53mDHggVX1vHtt9Z5Du3-t1_82Z7wBSnkMw15lPewxTmkMsg3mC-rdkee2jAM4-Juo2feSjcCBm7_NP1SnMZVOKz3gQ22ryHc-7r_fnwE9RE0kj2-ymfBpn5jPa6UulHnm9Kde3KRbYDXTrG_089L7vacXyLgaXgdhk__bmN4uIPQdBrjCYumAwKRcgCjO2-5jdVz30Heh9nkedpeS4wbYN08FhXP1374mqpCFinBCzoEuJ6cMIxe8LFUBaV3ouRBabKVqxlxJLoR6Mxz7imcfTNlT2XAlWgot9IwAaqAgTJNYKF_37g5Z8QZyOs_29QK7fsZtjsUk6ZAohxn_84zsPbW14krjiAi3rRx14fdFJKzTEZmLJmWnjOgCAhS4neKbpTJ8QBmBNtoJ7VXSHG4mMjDBcI6XcAWeqIWAHNEZHJJHRuxaJrd0Bav3fICYOHT4ZXG7ppMRKrvU7faCB4nkeqp1Scn9mUkYDU-gv6m4OKE_BaAeh0QvO-J5WRVchCz44RSCg6iUGl23GQlisDh9Pjq7koSC14lW4QtNjbB0oI35FI-YnSYSA3jcUNYq0lIimjvAB5t_4AM4ohSIKIt8nRZwDifas_F5MTGzGnQ4PtbfI21IFsJYxZSnEMC-NoQCwO1cqdXx_wXIV1jF8caklf3lYDVJcHcSl0DXlfP8FdnPY7_0G3m3wyck21Q_LUSIE7fo4J0XHK3oMPkv1EIj3jDjF2abzZZEFUK795S6fRfUzbsIpDHgedcUy9Rfv1RGsBOS5PNshb5dcebaWQoWjfxdQ5GNsaGQykvGiCM3hvl37NIwKzNRs6LER9znSKx73luA7DaV7KSUjHGPdB0tSEkgzFet5pzf8xHKGO9VP0hPxD_I9SeIL4Vzav_mEpfeQxNhzzPkcxAQXQfHLVQfOhd87rSrEBc39aeOfGfzpW0rLqKgr--mt-QaFrDREMxaoJC1r6aYo4wY1ZOaTAeDpEZurOicZe7s52-FLOUoDUDIOL7ibSu32kio9zktPus4vsN9ewVWXMyf-3kS2SD683EeRVJOH-CbCS8sU8yif-BqD5MNqG686jIbLcS2FjpYubtWgQBFG_Hr-FCBCVaPFc3fAsi7vjwEP3Ca7VdzeirzVu4kWGk7j66QOI_loGHnWVv4dEmjYVdneUk9eApnsmIFUYvQkOuIcrfkYhxP4vqX1V9AhbNUd56FVJ-vH6bDoev-FnE9CODuORw7UbyHKZLw5hzzlo-Mpt8DC_bkK6Z9DXh98O0Xqrn8HSXxFzzFExx7WZQKChjMKYYEhInvvV9tf30zx4xAPKe2iv-EHOAKJo7fW5A2xBUENdq_oqSBrdWvvNIuqsXf1MP2ZYXgp6aM8_fjgDDfVsKM2Cmo56lLAkxrcqbXjM87LGz3IEuAfuObNdixCKdu_LHPzxZqtz8zqZlZURqh--NF7UnflPBnfZnwbGkhfIX0cmPT2KRdyTJMrdBQKHXBRdyjrx4d7tEDrS6dJ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=11531820878333293000&adk=3944675600&idt=230&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb5d420d66b3bf0663f906da9469bed70b9b149c849ecde277988801eadefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36731
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A864 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8224572732818&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A864 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8224572732818&version=m202301230201&ct=76&x=1&cor=13957174342427460000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A864 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKo3M0LYnPzslVHxlmWyfzEIMJhT82cWxhTICZ55QasCPLJcGjyhkBKF3S0YF12FDmLqfXA8M6QtqZ3iOSk3x5TzXtd_VofWpxWfyBuWqK1f_EdM0&cry=1&dbm_d=AKAmf-CPfnNO0wYT9W7A0OLe0V28qlxKvDYhTJYXxqpqNVO-DAPOhXRHcICyFnWyHJLcybZ8ovMTUP8O_wpMHnK1-mbx85ri8JMdmrdscnbl9Y9GLL7tyJBqhHVff9bDzENcuytClpfNPo35BeJh-gWQWgtN3lWkdR5rwcEJh3--kN0BwVHxkfv2kel9R5Ysglq2xCakX_wnqaPxOD8FolhCpwhoxGTvaUvxARrpxl2Z7Fgwa13xA5ugh967-1jMELG_aB6jtKV7NiGe7_5ufY90DjAlUBRT4GeN1vfEkmAJBogUXe5XawE9qP3W3Q7hTr5vgIQFvWkqAzc04ujtp26vpqOq2LczNg76pwHDjYmGNtu5OnvsadVWSRO75LtCtvnGy3MdgYa_QRiUeB9YylR2zENJ8goqPgN_f4hIDDDuXdz-upHTAL148A5DJBSb-8n95_LWUWLWjD5ev1vJHY_h6S6u-Imxb_6XuQum4FKGAz8nnS2pmqb4AalJc1KgvSA-8a9lVdWQLkT_1Xij-dZ7EhzCY47tezy5MWnVWTZaCZAjDqr_XOt05ubxu4rd6ubo-14B0o_OzG7kPQHKJQV1nc8wxtyb7di4Izr54-Cm4uabt01N8qSZB3ZIkzYg9syy_Tlbbeg1dzYbZ4dpFdXiGMMMZ5BI5AsWBfGrduydXwU5Wzi9aLzcKO1G6r2crRWOF3stru1ul2mH10vP-lOb3txaVz38PvbrLcdlJ6SVfgGJm6fkS_KoaqvKkxb1eupXuc53v_nUxX0KM05kir1A2VHGGz4JlwG__8g_2-vxUxSeVbqsQ7ePB9gqmOvVBEfgwu8-f2LU6ZNSVnTrfEonvdw6zm95PqfxrLUOoi-rcnRJcQp_PRn8xQWob9-1OILskCmRV6260RPAc0HZYGsaQrTqlGf03DDdbgjUKsVp3Wp36ftURslfry5oNDz6bPOZdL299m_oujr0ISAcEKewcxWWG52AqCd5WYLLN35XVcSUAPRPctn5rsHmlrl34GH3eDhAO9uVDd7pRW_GoHa0Um49KkTQAoOypNQg3CWwc0nG1iyk0wXjCuccBiuKPzxGpqH_yak1ZOhUnh6-15jupGY2ibcWSTg82bkaEiBOu45SBee-kzhT1Gf1Cr4j4E2jCyfrMhzFuneYPXNhpuEuOXVLAkN4bYrSwP3mhehhjxme3hutpvRu2sbcwDHq1FMg8yM7m16yc_atthOVesWNnYNRuOwL0vML6DmiO8xnZ5NcYCsJNw5ItaehXP3ZiVxT1DkOT_7p0SqzXfI9YCgFw1CC1kHnt1s7FD4_yRjGkzcmnCSLb3Wdt8yPjSClMA_4GxExpAvkGMGgGKCJIc6ghBs0YE1OXyqZIBjeNLU-dzvHg2YMSWs-SRBbj1aIGEuOlC20ToYJOiHlicE2ehUlvfbQUa3VPng6RFXgS4Nw6mseB51FaqM_YXfvS_8TIdxwZutZE8HSBMSo8ADd7T6LhmG9lLzWpixergIF0CHApMJFALcbkqFshuOR4cFChWvJX25kGrGmMLFXMRiCvH5FTT7JEdu-6RJNNxGBNNDzEuaqMJbR_PTJiw5SQuCcPbZGWeVFzgg28ohf08ZwaRlZcIYgCNm7fpM5Pa51kpWaFc8DXry6nz0vHF-Z2PM3CUU7bVoF_wB1uuAXU4oXjqQoQDfXvpfGsv0aX5FjY8GqSxkAOujcPppf20BU8S9DlF5EUD6GodbQrIXklD8TWGxVGKEizid0c-Xr0GTopNzuOMeWusQueqMqsylIRbTFDyaTImEBZBDf9rp8PAt5OZ-ybBVC32nT9qILWKCzxPdtniteZjmVxVQknN9CYdYTc6Vl4mmfPJQnsQQKW4hvy5siw1PNsgEDU8AyUlfcL037ZMab2DI_vTm-MblRg3psKDc2fNjLkBML8ejahnuMlfIq4r-8PAVCVW02jDne_NR9yQ8VVNJPJuWLTVAr1hMRtISbhVRtC_C0dxK31fNukaZFvhbisLLA41Pzr80kWVQyLst9ncsw-3FsrUsSx7jK7RvcEGBKgd8kOP1JWlc_1nizEMk6vGjJ9I_Q-mXIlIzbPzZFvYH__rT4rlSWww7Vas5Qz3_rsVrUEPuBKdrlTMMh8zfqBrKVkMAaSBMVDjosSgbg9_pzlKO3yWm-HhF1e5mGLc_CAGdr_WtS5iFYzcD83Afv72lE14nuoL51cYCD4wOlKbOOwblegkmh1FVKFCpf8GWmTmFtNQmiY8Vcr4adycdgXvvX5nV3uZuvOUibSoe2_Rh--dHz4FV_BObk-LyZ9bXGeNtgePmJi2dxZzgg9QRNWmLsZb90JLJ4735AxSYTcFogPt1aQBPvlJox66l75Q0KZ9NwziE-7_MjSzAC6PEKk8jGfWEH0jbyoIMCX4G2XX-WKaTD7cTcApUxBMcqAU5MAcUUv7_d8l3gBZZ1Q1CxtfLz1a-3ru_xdBOJveYyHpYn5IIH1NhR4TP5taj2JJjt40DqDwRv5U8gj8l-f-5WffNiDB0vh8pE_PpOhaErvykLbRZRCVxK8-E8x9rHQbiaXDWeJ2HUeZIsZzK4CD9wZF1UN3l0HawxnFri6plbAGpl1ykahEJqmF3rXgvQvf1YbDwRw8mi6NrRGZ1vKOVO03N4itPC7REJ_jXQ-SLnSmabWbZq1oV7CdvdceJ-uknDNE0Ay4PbtxlOstHUF7d6Bk2iDn_7P2LIGHKf5hLCDQHdXHFrgJ9pHLtjmwEQ7vhbKZ_vDUSPEOLAlINa1NWHm9LftVTtXMeHQBJltbP4LVnH5En8sviKHqBoJz2shwNzdcr1MklQsMQDmTmK9Tm33G0d0B5cThIoIPgC6zJ-1pOW5RcV5xgrEO0u8VZlsxx76P3z242pBGNkgtE0fHxdUxuuiU-rEjZzcAgDo8ABw0epX5F1F78OAPVoAscp6OdIbEm27HWO2fODDpt4O_WFdNww8GNjiPeiVcBcZKUV58H9R_H6nzpEwz_rvIMA203hgVUqNPVv6BWO952JdxS5Te6pmNkiqETRGFZn-l2b3ls2D4SENVHTBW6XiupJJRx0n1BKOEJ7NdU9lvcln2COnm4xwfCCDJBOU0cLQJlt-FWsfYtiqA_IO6yOZtI56cgZ8C9CkxciR7HUCW48HnL2szH9Cfs34d57YNKZ22ZDZ2YzwqiwVLnXMXi-ek-uoyH3ROyTkejRH6kcWS1ZtoDgIH5cqki9Rg4cgVkaJprIRLwHzlsN45U5mUaE1-wodWTn4aaW574SCSe7fNXg9yE_UybtsjCTIT4ZJNVgZLm-vJLcIaBWGpnKY8lfmdzi_wUmML4lnUMkVQLWnV89lNKM1uBGIwdlL67fSJok2da1d15nld69yIYyXGf8r2GuRuL37vkVBIUmx6qI05O_OO6HLvF4u6IsY1UxiLdhLthF_0T8yrXEnM1Pzv5MZzTF3Z9lmnygUsc0XFiY4BGQsQYd41qcVH4qg0A0gxIA-FhcTB_oV4_XrO0jIA_GUGUKUkdbT23hEI5hRg5lI8WMMvsH9uJV7R855kPTsOQ5I6vk2pgdG3xYoejuKcvBRTtkxJP4pmWBLp_fWBuQPjBnTXpbVzVzgw9TcdBo0U4mlAPpvN4u6gPPsshX35CYDCbdWhPXSfPYc8EJgqyMlrFEAkZrgSTx6yYHK53Z1gZxOM_a4vW2jXWTLqLO9zsO4mN3tzCaMUJlDWAUkffkCm-g_IcllZsrJ47yJJbsZiDswM6Ax7q8uWbRf8DWPKidlyi0ztwWtDthK-lx3l8HtUcj418Z2xzQ3CCfK_tHuQt1IQGFsKB9kFY1zpfuKnr6lCwlnwNeorv4Z5B_R_nsm6z6aPcFQNDH7Q&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=13957174342427460000&adk=2004672170&idt=211&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cffbea1b3aaf749587f19e7713d17192b691c887f68b94791e8ee337985d874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36776
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9972057466073&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9972057466073&version=m202301230201&ct=76&x=1&cor=9861339183145736000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6E0D 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D91vhUm-zg1vgLW8EAO_QvUF2lsb8ws66dbyNUXC1HC8IXUQpErLcGiww1Ukuj_P-wsjwPBi3jCuXM-T1bhZCbJ8fuyNS-4AUQW00swRlU_B4TLgdeYoSmStQgTo6HJYn2j2TQ5zlp17rweKRE_XJYi3VoyEIw7_CZ5Vi1_NeaEXULS40&dbm_d=AKAmf-AlCQB6Pr87RtfEGavuGUfK4j_lnKgT4WH12fyoGrLa7QlwLkhmx-p-84pt19UtlWoP0oJHnOemPGROaWY7eTbr-oxkO9xpcTuFTn5tMO_nj23vDSI2h6nYNsJ1CgjjLjQZvBp2z-zDa79O6R-vbGwBY1lQAV_BRpvdfCLcgbvj2cpuOMx4a_P8gd89LkJTdvCvZKtwufBHQSR4ZlTImMH1_gN0qZq_Se9gv54BIAzOLl4PAER_cYDD1fTbnG3SxgTYc_68iDIUMOtzgPJAaRvTLfXfrkud43xa1xysde5DeJlOCdwTrf2o7iwwa2GNJKfBwfAQc8qL9gE6hV6R2OM7AOTKTvnVvwKsdZFnONR6D7cFpIqJjBEOvIaZOeC4_AdUtBlEhibgHIvGZjalkQAVNPu7qXwYJ_6F3Ik1-bZRoM548sfYaGmNFBxd6VXgSEwQ0hiwilS5T3lUQ71Erkh2t2YDXltKCB0xt1Ke79ivII8NoT7SslL1f5V1uk8-Lhs2-C-2YBNl9v6XyrdTxh_38mYCYpJgxR2ptj94RIjupbNQJGYE8m0QbSoo9nfGcPLtLE2Ehhd6xk6OF5YWdmSvQNaQzxK9YfUZq18FqMq3pbY5fyLWBD91kjIKNlCSUa2mjTfw78O31UQY3gwh90l59yioBe9WU8Onje-RlJFVdzlcjubrEME6wRKTCcsQIctE27EgBHincbAOF7nRSQ6Jf3U9VAoaeth93O9-CeQ2gVADRsBdV4UatHSK3lZfmAKy7kKDMHQJ-rKE8QQRNPb_tw0t40_U2xb9RRVt-AxLD78jNhuDA0RewW20jU3Dvuh8xIWyB5CIQQvwFZGgE-BjCK0b53CSmKWHYrkZ7yXz153WHDFNP_QftpJrosaUQhcGCP-ojIcibYW3aJ5hmvJm1EXAT8vBBBTZ8g1j-fzOiLlc8Pntk_T3pKqhIjK5bJxEdjSO92w4fT5hJt3OabM8lVzCj2navawLAvr8aqqs3AUXIjyYh-mwg1Bracfadze05-yHiBWGywYbiBcRDmgyURYEXZMu7frZbX-Qg2c1QQWWfX4dQw2QdbhQKhPImIjWjP0suLXG89-YTiWW0dLjPSyLmB2tc3D29sGdZAy70__M0sPN_X4DZCGjZRM6AH2MCxNAWp2HvDyDgq0RPEgYsqcblserrWbK9aQSdm785M5eNd6ZLOb1yGUci52N0JfjIhAKNdQSoyY-AUY-pUgmg2Uydnhu4TlIXXIVvKZhMK_ipoZBOC-2R49utmtdpMEs-godqvgA_JgyyfvlKvT7jwCnmQzLFfwI--C5StoK1lGIyj5PrA83QJMgOFa_VCT6jvLRHDn2RnHmXRd6nSdY2EgnHpr2l3c39aEKb6tf-UGAbCAJOrizUgMLS7KSBCVZ_WtctoVImIfH4ClDeGrjLddcwSEyDEz9IHen6oxf68UB8NkD67LSqVhgpkabEyxDyy_tXja7K67Mr8A7EwI6ijN4v4UilyS-hqv53g_4PgGukWuNeA5Nd7VBmc0uPhGMxBXvTsZML8E-eD7Ig9gO7jcqhAF-F_oqJIl9lKZUWyS4_b06HELgi9JLhmdhx81jI2V7bocLiz7YRq2o1a8ScjL3JUrJsUuXbrmwGWSK7cHVFiwCWaMMscbImEKE3pKTu3h9QakEm_vIcCqJ-YfWbpD8DYI-sVeNIbtpg65l1SIPaabn7opjTr40BG57fDz5USR_fIfUtWkHrhvgTdGmwGVLGELmTCNTgdqnkg_AbjOmbOxxCCJlolP6jhQVYcwUvFJFmP16BYGPhvAyIiNGspNSCc7NiFVO7Rm-xdOHO2IbtgxOvdxNh6e8tRFs6RwAWjzihw_u6XSh-9i52qubn-T7Te0qz1kRHGgMJm_MVLA7KpeJOcdGQOhV7OHtpzp9CQ_GAlZOwfzcZP-fRufIcbuTdzuBSN8Gwi7upOJNRyJiU2WTItAvsoW4cNWZzzIyd7FRiZZ4DchAwyU3txIXNd7bZMd7ryKxlnQpkWrAo42a-vzfc-NEvj2df4WnRcWF0RMhb6wUs0uCpSf5lS4lH-b_-BUtAXYeWAKDQtDh2BOhBp_AtW-e1y6hsjeYJwBYHQwbUFdi5JYOPWypgJ6cSRbGPpUfPpI0Z2W7W4Ht9um4zg3HJZ8cqxkqAjA-l5ISXshDDI_BAyBMDiSQN-j7TbIV9Y36kGKivTSUAhQY86mHK3DrFrP-UaAhofR4_F9xA4wgVGhOho0vrQmtObtNOaRIKWz4iKS71cnWwk_jfcV2xUSjAZ_VK4CjuxajlkkrAhgcgsY9Nu55KoM2PuxBwR8GT9678Ip7ITv7caTPhFOqNTtBtPbImQNKfHAv0kj5VABd9NtFup0TqngUXZmzLxmcCu8UHKAm8kU64jd8Xr_Tui3neUIRyEkTNtuUynlA5ZwX1vj8I1vFIqobhQfa2v7K2jWaecDWggANsDPR3RdH2RJebrMZeP34jMAxsRWQdpt0zSlj0Wr33n5HsOmXR6IeqHIS8yMw4V8NYYk6hXGfu691ps5y_LzlsT5SZNSZFDHl5J7rGTMh91Pe9OJb5TVFxzXw5M_HCvWZwqQ1ZFT7skebCxzwYuSgtGodeGKejzYYSfeUZH-9Bb85hRMOSjYSWV-UeYP8EpJaXZ8y7qY2-5AiAs4FwFFgFp2GLiHq1470zrcB4GqIswvIX7n-v68C8uewbvDSJdLRvtmUKMzJyRla5eDuCnxVVs6wmNvxbvfpNuVI16n--pipwJ510TwEZAN-NVdLem0GHOqWgtYonRwQ33IGi92uIIpca8NIBNhTkts_35EQVCFvwD9omy_vqEDa5knPhhPK5G8ZcDYcf7HV1lClEpcNJu8DSBXnN9SArR4Zer_HS6BYG9EEemYzSFkMWW9l3Rjwx9K91ZpwyrvxZGYQO_IwX2MDeQNYLqqiKO0mcV8MgqtVDxLhFli5afPJ02QO9xu29rjszg9sN4JmAauHSvn9aybjzaJFeVdthND84-qhX-ju6O3ea59YZf8ZBAWj7vWsEvjHESJzeyODJlTLE64u5hG_pqIdgsIKAS3CaWsU1aJpAsPh35i9J5HGSVhqJNs88cTLI7_omGtEZQ8zR2ntH9_5m16Nupw0HjG9Qr2ECVa70hotmvP2_AXeniJ1LlaFJvydZYw67znT6j324DEzL9ezbff1vMuCKfawVPMxanOtaWF_g4ouJ2i9g9Sq64fpr3mjzdA27RmEOUCw4R5fFyq51gF8o_8s8OwgVZDOy0mQ7PU-I_xWPV2unWaQ4Q_sj-uy0eD2P4zQJYEJEEAYxamp8TqIO8SQYpfD3-kvbcmUxo-7bQHGllZnj0aHWYDSUi_KDUOUFFwzWCyIUBInKVXCZClYqgdZ7bA5lULqRE_E8lkjuvkkVsQHnseOFdvSqW50TqCctihC2Anl_QW3q4DE94coXvWvMQf8XieH8JM8Wzu04haWarRqVSPeeOzFcUvlfrFnEqo-Jr0FbBfrkRdXEpccSxlOsO85bY3lVWx04b3Jd0NbEU3YHTqd9H3QeILb3a26A4wFnXtLzJNvu5MC4glEFE9BXi40g78ggMHTgIufgYmW5OjeGgU7c3wkZETCj4f2t0-EAoufBLyn3IQnD5iZLvA-&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=9861339183145736000&adk=4188270525&idt=230&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d1e359bcb01f052f6aae20c04a72fe98f7e25354f64dac1b733c96cec0b77f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36926
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D01 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5071910773583&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D01 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5071910773583&version=m202301230201&ct=76&x=1&cor=4731035321920342000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3D01 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLLy2umNii6slGTg0X7x3IKoIjYEn8uKBkA4iLrH-Le9Wj0bOILapt-KH4wcP1J5OpGUnUdI3NHZB3KIIz20AD50Nk-s81y5Tnx8H9vQ1eMh7Y2507gG3LSoG_RY33HYYQinp29lBLm_arJV9VbsfVItqmq3o1J5csITSYE-Sn6OigHY0&dbm_d=AKAmf-CplSIn4PeD2t4yAM2OQFwdX3ih9fNVddV4s_E-Zmvjbky8THRpH4cvu5oZAih1IPy1VL_KzV7lCx2ePlHmsBofAPgs6CLywmUDwggTLSYM_xshOQlQEJV9lPakgqd58EVUn8JGi_jUBB-xHpBp41bPt-SyZP41U-3fQoE8v8KNDK7F71bkS-pKNsDwYNBoa7PhtsEqnlNbsP4BEsOZrM6qslpxUxOtN5Df_eYKMncW-3VuHO821eGFKNNE0NY7Y_02y13-uOc7BdOeVWw4A-Yzay81VFsxRPaAIzdl_M4zRJ2AihOtiiB2yho0tI8w2iI2ZX_PFDPASe8b10BxdIakHc_dm4a-tcFjaVl7PIwJgSUuFYRFhxWe2_T41joyDYRxuennUMscqjwEDtrpmRpqXJaho3jtaSTc7R4j8svNwVpUw74cfYDZwtonuWYVdI8ii0GdtasSeXNtZbX9qejDX29e7X6PVnV0Szmk5tthr5xG17vZDWKp_L7vH4nzRVib_AxlNaLZRRYxr48XGn1n0q2RZJakwUNgRzszqd6-dVzTp7mOBOsWY2fQ2gETU13v-7q0Yg9_6Pd6jE6E1anEMVm7ygh_NVXOTV3VpY_ilAbt1ifw2RivUQPuHAnkh_-aquBOdZIVNtmgKOgz8RzqgZYYe2wsmpgwAleXLY8L-QgFIoMQaScw72I6l0hcx4fovydAJFzUopFRDz7gkzQOvg3-LjX38G664A1qJ3qRsQc_NDabEZ2QEGK8XUZIRiUeKvQUAhcB1v3gH-v1l9hafW2fE0dO2IHLGX1hB-diIly9hkLNP9TKFiIeafwRFoXgF89HYI9XfOPSCDcGdCLltPb3YsuQsewFM8czwPzwi5KDlCjFWqhwUPbRZoeJW-AML1NGJY5-xpYEypoxrohHsy3BHjY1QLT0khjB3E3xWjJtzeuwgFrVv--09hlgzdrYIe9pRmMn1hXQ0Mf_NjtIThz7F4Ozd5v3o-oY3BZawraC1hF5fVqXpnvINsH5SEIiQLW7Vpli0E0tCvNLKi7Q-zIVKvlapNv0BqSzNw276PFEsORpLCo1DYW8jJiXUsqqokCBiQ8GhEOz3gwMMomSD6XuLe3gZp71VlxxeYCs_1W2HcE5bJlNK5NN9Gl6JRpXffbINgIz2QlBWEYvKin_KUT64pz_57tudmawl7JrUZJTcaeuarzvtwqW8HngwTKWeN713Hogibcw6Hu0oBizXEAFdvSmkLMumesW_IKe5M0mtLlls8wOQhj0dFzK1FGNDpLOc2P2LXS0jZOUEWHqI6Hf48Xan47a1aZwjCRBC5V4K5UhaPsSq6oi3U1GC9UvGnSfHr6U05Kj_pKZ3BIKc1wBfem5D4lcTlXCvqKmotbsfa0ds_j9JGc6cf6KSlBzaLHGk_VKvrVCrnXaarJz2uQpmIMj8dWuAfnLMmNmUvEQufcrHxrOhGx8Zr-dEM1fk3tjwE7fJqrEBqJJM9svirmT_zwprUFjP1kGHt021XHifghEAiKzdGbUXtEqfBDLR1Nox2Z3SfDDr4jaZoXHd1F9n3U-7SxwTWxOnc61-kkmrxUzCppEa2kldSYALy6H50PxiUYa2UQsF7erUJUiY1HSBSFfqWzmElBvLtaeqbFLnbA2h4T_cejPevINwISWtpysXnlrjGkTHX2bcklpJqt9epO2dajB2vmpcTCZEGtNj1A4uOGvMli2hnixGUJe0GnSd8lmGUI_6uFp34f-4SKuVTZcq2f5FafZZA4Nfza6Ss8MPSexcMWwMW5mG7RutLUOcqcoM3T0U8i9Gz5g3GY4NQ1v4RYdQXofwf8vMKPaMnIY45j9aybZxO3PH7xXp4vMjZ4UCc5ZKL-7RNFW1QtiiunqEM1V8s-Yf8RilAVcqpdCE44DwsjaATtgbYrf0NxoHP5iFFXn4kVesckg0ik_M24T3eJ0WEu68hrbJLgRmQK-xqGg6Iyy3DnKRGzWo1nHxiZNCIBMVzfgC2DLh2h_DMlC0NGEr1cjjnfNlG7e1pG93QRuLamLRYlEMpqNu-mFkzztOeMj6Ll7buU7r5DuCouSZHNGJnwudu9ItMBWGmri5TwIAgLAys67AlJZizGaaXXv-3KZ1yCx3B-Q6cOd94PBMsXAmpKXaOhhJVHHQMgY-Vb1Fyv2PB2BXWoxQJwTmHnSW_mz9k4VNLJKmfgBqitO2rkyDtXN3yVpusxiXmWxMmGpp2DwvcNpQQg4_VoRJ-SMXB-z8PZcMt-DWmXwqtM5rFvcxxdIDwJH4b4lVipmxp2GWVum7dTYn4Mo0ZcM8WcInQaotB8cVhYacZae33JWM1OWooIvvicgzYLuhiHsDFbGyMH2iQH9BeNUS1wDg6O0tSdlWPklgD0Im-ZB3C9aCOtsFwyqFu6xSnxeLwLmZ2XQW1p6Kg4GO5w4RzCjYaRssUXkTIq-EzmS9iUUbiKf4cGdyuKHlmfBJsB_8WJOqj80AkOK4EEJ2TuthwhfNe478dJJn5e41Bglalq0VGIeJEv34VYdKXxWxgqmQR91_y9-Eny16zWkCYNMVKuqEsLoGRAZ4k1Zr8gSD8nB52_gIIp1L4SCpmtiwEVTu5yTVRRRpjYlI7IIDmvMhEQUVXc2_IShBB_kQ2cREZyz2GPIlCPolMZoVuCRmFhsJz8zDGP9IzxfGC4QRGuGPahIWJZuzH9SDekXwhYlJ-9QmfXCOUncx60HMb-cVbtf5m3g2w0jETqCexNR02iHR_hMgcBLDG2x3rUB9gdRHZDaeY0CDUuNpYgEHdbfq1L_n2gpoQg8WkDSH3I9vdOFIZNcSbP_G8LxNzFbJUWYbAZFZT8JFnJTQFB9IZAS--C4zjjAFgjGODfsJYmRg5w-xS7dffLGBWLrQ132whI0DeMDGmQR5JccrKpTHzh8AneU74ZREK-hlQtlKo98004P5sjn3ybkSxRFTvMsGb0jFCOL78mVFmvbEQ7o2odDygRT-MTryFH-aWprUwnRwJDibPsq8sSxr5YWnZp9XkvuceXkmGCFzj9R73DVkoAOKNyusOL27fyLyV7zkbD8OoQUVkWZ3kqrGYPu8DuL93kpryRIx-wGEpwHcUgAuAog2seVoWSKIWZoX53hTJ2P92lIMjomt4srLrGlYgUDjBUjctVeQFhuEygo8fhwVJjGZonrY-JnQhFA9grvVRqMLYnvkxTQi5A8gLd2m8F_fPouPfwIxIb7ihm1fN9Cz8wyclyrHDLPy2Z-EJ7ddvyL9FFjYbdRosHTf6PJbZF82yv0GRnwvuuQQy7oIaqsPBzx9vnzXH8k1AAsToiG-JxhGQA2yP4oqcFPbnm2sF8A0hhq9mtz3zuhBHW_jtMe3t05zlSVtvmWbsm8CblWHqHKYKUmPqOj4mvxnS_o7jaAtEJbP7fZSR5EzVZQ8Opw_bQ16ZgNjw4oMH5vODdbAr_Qamshjc1muJtfCf-Lg09t73Vp1JSgj4ow3Q8d6BJLvroOkcJ_fZmLMHLMuFZf3C4ZaV1YTRbAr90AnD_VTACPihm5KukSbJRku1nAoYVv-nwiv03GqG83M8do0Sk76lCq7-MJT9Vp35CpuPhxza3XuGniUVoLBLGuJ2DUqvcyFflO76vOD-5VMpsY9nckogln66b8LhMH&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4731035321920342000&adk=3037181500&idt=231&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
521af6605e9d51e73c9ff3caaa44e8f05b520f55894fc2bb4d299f1077b1704b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36889
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4003 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC52 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5434370634661&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC52 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5434370634661&version=m202301230201&ct=77&x=1&cor=2213676487666267600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CC52 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSRG52Vu1neFKYuyKEH1QALrbkwxx2LvuoT7AtuWyayOOTSKapNWU5z_NnqfuW6S-uitTLltwiOxlOhIieBvRtsJz48gvyHg3DNtzU-nDJy4T8_fT15SzP8zf7PQZ0U8n7hAf_tTMz71nEybPBCLcevDGgGW62rURsP12Ief_xt-WvrNc&cry=1&dbm_d=AKAmf-DULY0xK6dM7sI3scnC0ctf-JXTgIoJixjRAQFsoDBELtqwb9xaO3Waffe79_eqWAvtVQ6botHL-Tp71OFBjoJKzsjJdRmLNfSR_UuLGjWJXOPMoRoxlNeBxK_objTa-kW3SlKXIRyL0CDNy4g-8mQSnd5rjB2rB2ymK6itr3neyJBsBwwjwI1juFwzEtokPQM8ngWzIQC4J4JPTSTb7eFU1K3G-qEOsVrxD8pqCe6a8-_UuyWwC9_abKumCn3uq5YIK8slMYxuq4e4FDET97NH3TW_8job5tCzqu0EQq8yo-THOj4PTevFKwu8R9NKfrrKv9UK-x1Ic4trOXjLuA5xCexF5yXiNrDnVx8DJEuA0ZAFdWqaptkahS-MqVM9TrpP3YBxxW4ROSSTRDkf23S-I7dYIMPYo-F8RWtOz4YlwJBcrXxY93PRbVA7-QoyTBlW1TaRCCTb4l0d3DnqTlKo1iVgnBcA1dv3D96yoRdYRpnSi-J5r0wHHjQsgimh-DUhkWel_xzWgQMlv3pgAwCJUt3q_PvcpN_R56ZMVyUlXsVWMl-ULK7rxY0EDOambV0GN3xDcsT3CODquyIjyZEzfVL8l_As0_kpsNrc67Pzu_oeOdCtAQvAsCieo6VAYLkW2y_hlECtIi_8Z-1O5NuFvuZcUrOK6vPA0VXD_ktLxvSmzMK-1lUeeQL33-YWGNL02YhAB0u_RLKtC1G-1qQXUru-29DBvRzwseKW4WZhdhf8XDLAbNCzMmOihJynQQ7zccw3layfOBWXkIs__gSN1OP8L97zUypSWkxAhnIUrwjXbq2a80uAcxFTB_O48Ssn5qQlnnpssDXxSk54mfJULfx15NvGEhEhX1DneIIThMIjitwFXMgpFHIq1Jpd9iNeXxMohnMp6jZm_CuL6INCR8j7Hw8TfPgcD9-Tyqmr6MX3zmcf3b4OXzQqZbmAHxDW3ViLqM9ZwyC2_20wwVu0NNGNYwFcq3t3ilGnibZNg7x6niL0gBq9OTJcd1lHjA6uqbywx6c8xPeVxAu2s2PmXG9ItDhr0g3HdNXgD6R4_X_OmWLfw-789CBJ9a8sFANJlVkkYDEff0ZE5gp5-sxXnMIW1-6oDvOU-3RaTIWR20upI-GEoZVl3cuJ_XVTxs1yZ79T1CP0H1eFga3p2egrW_AYuhuruE5gwzzCFMDxH__5-h2XHQ4LKA7bzC8DDx4vWBGsPTgaBhVg3L_yWSIVFMkUY9FuwsMdobHf1r_8mZKYPK3dPVjyj8HNvdWh8g5_RUILMzR4ry-R8dhbRvx_FLcU4TxseZeqYDtgKh_Y0Vka7i-sfo_6UH3O818OPoGvapnRx27wliuJePixTvBBNQ5wabFZZ6sFU0mEHN2oHQ2B9auXZEyWm0KLLP230aVPnBnCKFhcKB6HUi8hVAHfdCwlYXtns5AKuEk_y5duOE0g-O9LtcXeeVdXqbUpd5kJ3HRhoUj1Ck_tV-4n_AzzzeaHL0vkCl5JFhAIxJJuMo9DDHt0idKf9kuUbGFSd2RDfRttRSSPPJEJ19042C04_rfNme5gzHcJ5_t1MsackxRB3mpf9nUWDXyJDt_niTv1dACyxmL1cUVwL0HTZcZxNfBtR9WOfu1ebkP5RMLmTVtdid-KO6GQ0v9OyGmnQfQ0BLzvpCzWYtX-tF93yn6fhEEPXav7SZDGfviAtydcbL7zR6urSSBGRyZwOAx8cldC3Ux6WRk6M_rRpNq8Bb1eTnG-WgWMSRe9u9KbLrAeJTN-yG7QpTClCXmosHgy1MxH9ohox0EE0DeW1bJU8wz3oIRfaDev06Tc7qLCJ8YFLQXRpabZC9xRqfdrajC-8nReoqy3-PZnkaylJzgxtyLBcRW-H777oqKly4GRcAwRlb9M5Rnq-n2rHiYoXPMAM1JVSxmLPMU0v93GfCOf3G2NyKAc8Wq7fTkXK-5QnA-23yGrFn5AIioEUnRh4Qg0u81YYaLiB6OaVaA-hIcophv_MiNZynkVJB20mNiscXeNiBFopSM-uPqk82sZZpmCp1scBGybT24rTvOHmUpZ0u9nS3zDf4Vsnq5hWXvGAl40rOIHGOJ-hSL-gIq4neyN1SrxvQmNmP_hi6VtLiMbfqLNaeYsCdtIOrjMtenk0PIfgi-AYZFsRZllMSaLx5G8XEnRD8j9voQd_46XGVQup3LflVTParPUzHWcja78ywTYIWFN1sM124AqJ7MLcjOHoCMJBMGHdZr9GjqePI0mNDDtFE_Q0SCC8y6-1Vwna2EW9qrxpALSu3rtWkWWVii12WTvn1uNqIzMRpULv7pDYWUVRkrouaMmQ3mmM0NVUXVM2QL6Jyt7tf9MO9t3M8cbvFfhqT6wykCD2s7ILxqm78TNVFkNwmvLyFRpEBHBWQheLuHbVQ2KAbkv63f4XTfPzBBpVpLKysgngXQqdsgTplH97wBVv1N_eUjZVr-ME3UZ88Jqceel9ana0Sd6INNbWtiA63U7SZNBqGTKdCTTvL0uvLyHoHBmsC3lMGOZAWyhVgHXJPlGUHYrKZJJ2yvBHVvwjViiDyciXxMxEVj44cyBs9Foazb3Cw8hEesGXvBsL3F1-joHnlGaYppS8Dwjpv-VGdIu_t0e5itFB3LnyudRX7jLkxxY58OYkAL3wsdRGqer0lRIyIteI3jbRzkKU7X1PJbl7qHSIdCrMK1CpkXh9cwpm2NpEp4y6mKNWXBNLAoetFbP6xYtLzgEiSI6kdMAQ3TSSv7yUlIJRmXdeJiIS9aFLDQttYKwo8ejbyJpNEj5Qfx7U0WTk6XZGQBCjPUFjqITUZomr9WLZffrEnof7kCVvg3WaeOG4tqQvD5Vk9TUGFlK1m87siXNEv8RXmdIM-nhz1IwoXobuuhH6HXwDzzMKJ_jsO-WVXz0gi7HfttaKgrkoH6oY46LNXeTXXyse1Rb055G7IqZRte7wt9fc4Wc3ovtPDkj5gtcY16-Erwzh0GI9titfu-AeBA8uVvb4e7FnGFLYlmlLkKcikBe9qYHsOwzOEIfF9XG3G3mK-T3dJRsXR0RsIeIO8ZFFo87jrYknIoG7uJ761ixtSoXzuVz-dCSHxWMry6QEzL8dnGtHrtpuLjZK42se7stFusmYgKGvFxAx-IkKqD-UevIHtUk8_R3NLAFYNLc3ZPjr4txxqo_fotZpDAfln_q2OnyOZl2ocKllqY8MvubkrZv2LT94cdeAP_bk2eBcos7D2VzzJUPKXh6zl73k3v0h-824g1Bx_OfC4OcTZpNybZW1uhlp6AMp1Bgs3hguU0tDosSY26GOixs5dcwwBl_in_kXyprKOHw4xDLdNzKyE8iXQ5GBdBpeAOtnBDTJlHwzDWQOykpAfMUuXr_QH4GzKCEM7p5kSHSmLLLv6uoASEvJresAfT7TtXz4XK32dyEufnnf1VpbdolWw0OOYwRk-s0FbTZBFmq0-h7DiXvf0ifKyN4GdNi2u6m9N0ZrlNqqK55fn2xUkLoiZKAzY3yXWirpUlqfgX6o6xH0BHlj6T7Lmv6ZWNfoOosdxFiHq-s7EAfDeTCB6G_WvNtmuGzkjODfr-LDgaTkU3FGamYrdzY_EVqBtLElJ3M3UFBNaUAINuR165QLoOaJ5tKmTcEACRCXrmT0TEv3ff0Ceq8Z14z0QfzE5DrFC__DSVI1Q0VH1GlS1L5bXKHu03gJVgTQ1y4Ea_g&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=2213676487666267600&adk=1033480531&idt=244&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
482aa80c18fe97787e186f3d5bd8b80dcd8306da4cc027544dfb5d29bb09a543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6050 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4753489576038&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6050 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4753489576038&version=m202301230201&ct=76&x=1&cor=15021870031130157000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6050 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBtvwhxGtyUaSkDtRoSpjyHY1dlg8jytNHIEDJsRxALZ2ei9l48VbYNqvxnBBlvbtt-ryBPbJ7-m_MsPIFQ226VXiTnLfWD8dB7lG5jPBoiWuh1HU&cry=1&dbm_d=AKAmf-APPbnTEo_tWIHk8RrlrzTUeSvwWo2D8zuJSpgTCj0njC_yUt6k3BptwPtRdc8Tsxr7ruaXfwwSXsnJ65wJJJlOTrIx7c9lRZLKFEH6eiQ2kBBAZ5rdUMgPV_wEgX8gul0H-yasaK6bjd2kWSAbnfuBp9QyNFhQeAuafaENNtjInTiMMRKlpjPz8VzoRxt4Nb1GOuYf29px2ruFy2ZZ_DNL6l0UTlGhhkU5DgeNFb9-mW6UqrHzLJib3z4daoFA-2bA_CVubptY9OG-xiMmsYygb6wf3rVJdSe37dLt6hnMpIozT5z4cES_E2D9AVVpDl1pBBdwy0RK3hj368xKxkYJCShp7PpAjHVSlvIyQsBjv06cZviIQV0A8Tpul0hIZ720rEcTkCTbp-GSwBqziau6XMyGweu6tzpejQMfWAJ8di8mLVxqEZfjd3VQykEu5FcANrwK3nX688VQYXasd2jgpRjJnpkpSDhU6A8umHj8hwpIHoPitILI2NjP9Wo3EwnEwBCjgxC160rRvD36kGtCvocvEnkM4XvybWHuwgU-kElmYT8E4mT3_j-d3XhAtha7nH4FtDOFq1U2ZwSvfPzU7qOJdehHPbFon2wSBY7B3lcqXlbic7kIFu0Q8bE0Tuv8p5lf3j-JbQGQ9XklblgjmHGXkZAMFRaSXhzVWdU0pHhb5xAuIpGf8KjwMKzT0kYP_tSUmr3fNFhVgFKiNR0vnwlQx9BoVg4gT-nQnMp3B7vu2k3YgeR9ootmBT5nnfuOfUTvUlWrDVmJWRpIhPhfTWXQQquhfqhZ4erZUhTCiysUjJhWkszTHqrdwOyZsMqAPQi8xn8zhHdwGE-uNwCokBp_VFogZzluRgaVuqE11aZMm1nPAKDMNaKBrKk9PTuzigbQjfYtX8jqZ-IXzI1XTK5TsXb-93dJfduGzqEQQ-0N43ZEoAj3PnMPISPncQ_7EmP6JUJnJhsF6HKvasvLZc8Ub8SPHk0o5ac6yrTjWVb4cxaQ7HfahZUifOchzSE4TKh95-4xc0-ySU4KF4nTV2cLdOskcg8srtKaRpDfMRIupZdjldI9pJotg6CpCQNU3HeHtnk69iUJ4OswzMNYWcMa-vpgUPj99pKG6glxjrTp6UBeWJdQsdB4uX6FY9iKTWdDhpARYSPelfDqIJXtdoN4zRqCMAEZG6ekDwgeWteUMIQRqL3Yu9wgvziF5-0pdqsQ-cPTyvYx5nHmPP-SUWxZXF0BTgcir0Kvb3RpWlf39A0ZXgkyTTAy1bOoYacxqlUOtPK9H4GSWzfRQunBrlHF-SnU8TUjISNxSOv5jpBfsO5dj_iREYES9RMtzAlWjx0qGkE5EsrmEvCsI0w4HrtWHu8BlL9QTaG8PPoujebY6Gm9aega57wpgCKVP-iK72yvNwZAUNKSBjyhsYpOuOL3TfQ3f05Xp4u5s4jmJSqfElInj-vWBKKdlhVssfNl4d9DKXvpLmghjts-dKfrt1Mbtxt87i46offKm3UckfpERWp7sYYLqiVsFMkBJJ2Xr0-8bJWFIrOco3M5qpmxn2q0s-AdKR6mO2umgD3mum8PyiDXrKo1uCY5tcRTPSw18Zt_hgTVBpNRbmGrFghtaVmaZJMtvDYxy6Kx4AmI2QRpW_kSr-dfuYspfvcD5F26_Y3a7te6k07trwlokONaGdLMc5EwBGbgNTKuVpC9glzUysChC7LvtXe14YpdBGEeX9pbUoCF6sm6pjZlVVwC2_18zOgksblAjrpkKnfziPaMedcwKT0eeQU6pzvr2vceBb3xfotGNgKjtJdV7h0Ita6mT1kB6ySzICte_vQdfBCGmf4Cc6kCUm_BbZptm9iqFXH8DGcKBjjEt20wZYOaRAx627w90N9EQsFN8cSm_TaFhtMe-_wk1tdrrimG39vrkGD9RKembHD8Gn2BqtzmaOaiZVfjYHP-BJLUWuOic1gMPiKoMHHGD56fepuIYi8_FbCiSZUmuAzDFthyS4gQHe7xL6-jQtPIHFuAIMyAayOcrlwOUqNLULC5EWhrb_UdsO2EKsGSQbtma9ut2gW_nR41Z2sRopLqS-kuN0DOaIibM8Ge01vzAwp02FimbioprTPyns0dW9PTXSQj6lX58lwATH7wpnUziZaWCMl2A4z00wgw2qV8UH6AWveSo82Bj87JDjf8wfJPEh_Iv56c45Xaom6Jm5OFZKQdYDUyLHRC-CIdYVVC7WA_p-v-zguTwMTxNpBapPyaE0tDTkhJgEzu2fzodoPAfE-vuBpjdOkd7g8vF-LMacpKudX5vknTVFqpMmtL3T8GkIAbi21wLMIh3H-XAPZ2PkMSaOX1ZOt-vYmZ0dCuEv_gs5BFV4zuVgYaFisbhW89FjuWQp-icki580PgXzqdWt1xYJcxX181qeQD5Sg7XU7L9Nc0QXkuPSSx7i9fSaSiAOZFgi5W70Ok_wE8SyQ-WhurQdoSWgg_xyHFtvXv3A5nn6aT_LnLig2-WFOWdKqNuCs6MfGOT2CtbmZwGpX74_G0q4d4JqtVeK_usRZ5BcKtb9-s2oqbWlXQYDeO-3BsqJxdOMcrERjn5f0iKwTeRfV-IJX3xyOj6nlBZ0F6Rx1xzEG1El2VIWFPk6odV5O7F1Ylp8y6gWxeMCJ3Otu03S3Dj_zJVxe86ShSJsI8YyFwPNJYb2cMpstPfZ2sJXl2ADkfwnXjs_vRM4tKUpz7WzbWOGbDsix_vRIEATefSwceK1ZrcjxiDxfSIx8iVEKci9e6X0U8CadBlRncTRkpJRzt4_KinO4f84vQFzSe4hJQJ6fU_g9tJ-zZRVoh60yUMwM2Cifm7TIXng2ldzkO9ZW1mjvnc7uXfz_qdPqGxvvGoA_qva4t2mW9BFaYY1ojSBh6R95fhl_eSvKp1DBUhRX9K9T5nsxaU7qaC4GfLejOqJrRcHLEZvuMBrHZNEn3J6sqaUg4WxkODsrQjYyn3hxpRhw2eDPVW4SIsy5mqVAL5E7trNtBbBxh24Nj_fXTneTXP6M-j4Wy6U9BeU-X3bn39RRXdw8P6mdhHBYrdzJnV5CKbN-BhXV-xAL0g3kC7f-XGOCrUn2mNUGJxntXHLfWxVyb8W8E6X-L49mAAQvde1zIgDdMhxZ2gBwAjLIlyo-_cQiSKEqXrpbw3jFixNyeuAaxx4FJstgQDvFWG00Vjbmc1PtKjIsoAAyNlDlEv_0r-p-x_r4vcpBQzAqvKXhMpBoutdeuBrsnpWoy6rDwNrI_DSSopCrgDvFo-LSNQN7N0R5qL21YwVJLmqOav8M2QhgtduLZ9bFCdqTeGUwjUkSvULBItvkDFU3m5pWBoN9I8dEHGtnZi0IaovUZ_NEvwwR0fcAe6qdpOeUqs7QEE3He_YpytLzOBDLriHOJ8H1d_TFY3IviG6cw5KA5TZxS6WSZyFNEFxxXuM9yhedWCkMtqILJvPpHDHQsgMp67DamhScOt3AjEwa226bCzK1V-Vr5aqRkZEOo1eFSPrRc0cnV3-ogwCm9jnJa1EnooS72TOWj99RVcv0AadzAsJCDWxd6mqJD22HiZFOR1b84At3P_iObiWNebB31qdQ4Napb4LefmLfb3C4IQBRm9zuw6qqtM0QQ4AI6Q4cGl3bqrsuohrQKWQzR5mkkSCqlf35z_arS1fYuflLJ3X46bQGVU2eBrhAZrJrkVimawts9rfyIpygcTvSoVoiZyRXRIcRUkc4plciOBzEDBSvkeShXuJ5JX964CZUrpdW88pu0hdPy-GnRd7mkggzf1W9B9_NcHmgXbh8xkAEgRzNBDQQo4GDWKYk7yTJGxAAUZxIMyZhp_knfY3juBjwbphfA-M-v6-gQ3f4uVg&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=15021870031130157000&adk=4020099329&idt=212&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de7416ea93d5748d4a5e1d46e9d3c7e6df20d67a76fdc613f15acabfdf341b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36660
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6078453528036&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6078453528036&version=m202301230201&ct=76&x=1&cor=1328212885567866600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1D02 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hlPl5-F2nkwuUNT2B7SkIb5D09hmO48PVChJd6c13DeXogXgxzWLVuO0n0czHXTktuBuKayTY7crTXcX49ptUaofRYYt8UQ3lyiYh81qkc4dliA&cry=1&dbm_d=AKAmf-Cne2VgJe1_3LvHwusNP2hKAbs4d8xefnynszNHFfRpW98dnCZHeZJU_tCk3wYlMC6Eh74jTfAIPs6J4qxx9V4UJbdSoV7YQsfCC4eHTF0mzyYQ_eQkRYlo2XGzbJdrrGbd0l__HbQecb1OmDDvnchaNWCw8ZR4-6dSoC0_0mqWvbQnNXwa64N1oI4bEGi3I9LVZ2dZOO3kOKx_sk4CW137jurMo7grCmNY8veNaimpNQgDcJh26H0QxNpIUYqOUVyNyxBbXlztnO3gskcNPyvI8XnjIWSjuPWq9awhahtNWTrsewepmBOPuM3WA2FscfV34MtUTyRmUKExpogb5NYmBekWRgGglhuy6-1eYuekVl9t3QC4Jt_Vddzdnsx_934gBRBTFP2qwGQr9X3M6iapmoVc9n82T1fZsaGATWpp-GIPg-V4oJsycU40yb1RVUCNzXkUCkVnVHhMTB8VW2RaRk96UfddYatj04fatfd2SJgOyHpMoWRCo4g-6PzRuHwPNfU2npYjnqXxpUbJ49ulqPjrpVDUwZ8yNE8G4AWt1-xwx4B2E4iTt_73ersC8OegjsU7sD3fzwt8V8eFXJnGEn9-D1ZODGm0vheDn3JwmkOLbtLTzhp2q9kpM3rmaGRL0hru3DzZK1zQt3GgT0yxMcJ-Nb5ozOOVxJ0BE3nXmn2oW1L9t92S95XZoSSaws6355tcYe4mDgpr1DH9QitJwJooP_CtEOqWFDp00CXA7tUGwU8GVgHWb3UBFkCnimkIBCgKdhgOukLLA3zjezQlvK0q2X-olpOqeie9BvV6PW6zmjiTkxc5HOTQfIJrBKLg2O6JwX-EXq7VXkPaZtuiXMF54iGr8ZYbO-hPONWFsoqYULzgwnr5B5zYWhKeNDrVyUIkP0WkpgwkEj0_c-i7IRwdGBZv9KZoDBDzCmNqtYNEOVTpLScHNwk4mHRxzK7Ft6vf1uHDpcSJ64B8_d64xZ5PJinaZUnDg2xgdwNuGdnoDKOZNfhxboLTXcwfe0KvlnUveH8sK3w1MRtS7M19ktPIN715j2xyYk1lsJo4sA7VTUwNKxgqya1vw9tLewP2zCPOJi6yvsCYZoDX4boTrPoruXFKNvaRxPvlSSLlvOJTDdMwpWw8lFVJskYqkNexiPWgQFmiHLHt7TXg_HOzCWdrneoLBKbBKTGqmLfW-EyMY7lW2ELER29X0XOmaR3ufgL3zeTuT4n6jnJ2fAaeDMJFlvJyse84CKB5QuDC3cv2knfCDVwNdawC3pS2MZRTO4HrYsvr7xavfEgUgGDmYD2IUMznQo10Wvwt0xsp0NAuef75VDDY8cMtOk5g6Mc-FNTUWit2bJeLDtO1nZV_5xXPEp2Fy4YiEUr9QmkQ5K0cTMhIGzHe1gow-m52wdps476yXNOCGb3rL_UcvkezGGwn21_fMnlupIr9DExJZKv2ehe1y9KibO0OSg7vy21yaA3xK-cWDZeok_XDXZoSrW07i9UxWniJXsA4jfCaoq6OKT7_UspTNGwGdiH1g_SnxDMQBtjHeqgYpZgOzYcP-g_C6BFw3Idisj5bonK4nYlWXEUF35Wx-WNmriBMpH4zmtsg8POZwF9wN2yMrr1s1oG5PfUEEJYkqynyCM336gIaG7rof9omP_4n-4xQt_GUgmYRQgRhCoULKb5gWI8COiMYf6RoFHJ3-KtHU4K4k7DGR7z3E0k6A55oDSBHZDJRzdxRL5YwVPtQ6iHf4Qw37u1FBpDAD1rvunFAfPifbJs_b0ffmq2tisDoN_eiHK80US0_c0c9cNuGDwW8vqHcPt7M3pOK8CfxWWDmfaPaFEFYqcNPzEoz9QjEccHy7eV2uk_JRXoOmDCeepsRWzbnwUoZYJBBPwHUb_fStugIzEtNHvU6lp9rkKeFn-z2aQxUqpVt8D90SXGByT1DgH9qwiL0rZTax8a0pE1rOiPFB7j_9RajqxQFrld2XuzlDjbwvaQrKq8VBjnMW2kX0V87Yh-zHBPMVqZ9NqeSAxJREhg2UfFTel9cZNO3x0i7JBX4_gctuvhvktgRTwXWuC4G8s-siW7KTPiu9rr8U4rk2dnBIA5E-2b_wuod74ewbBhdTHrqweQ3vYgIenjco2FWKKAFYewcqikPjmJi0RkS_6F9r6ZF19hKtPbg-XfbmwdZnOotSi6PuJ0QcXm_vAA_DDMdxCNH1Id71cG0_Gt0g7bcK1GOMBfkJJh46YSI6IaYO2WhEnSjzyyp9kGWwTkcdo-MV1z_KACYy5beLQqTfb52jAstL9vgr6Usltl9VxQF5cbDeOjSPIw9iUWrp-PLfBVHpFKEzeBjX1dM8gDxbRy-Wtt8i7ATZd7RTM6NjrUm7lbh5ab_d3Bgv4mDHWTPjZW8F-uzMPOQsm5LUQVR_AHQSDMB5jYqGcw1nTlVc19CCu3NrewiMIkldm7cIsVE8mHNnfO6Hcw8JPLt9o-xiEDr2yK_bzqRpClTNAFPh95_7RwZsZzi2byhrgTUPBCqdsf3Yxrk9NfOXrFzFCN72XU8La3qWWWSCT8G-W-kUzEGehk1blwHup-ZrMt0iix6FmD7N5516j2gX_4nt9lkndEfgVnaqNR7wQmzrbIeQUHf26c6gBClx9q8NSKOhX7UynnP-nvPrGvnjRiBX_df7FlZzz0FOcJj9z5UZaTmEnPKUgXmeJ98Iyc1QNbKxLGyWdOlfoLuWbbrDo2pv4Vz7IMZInxqCrSMMVcfBOskRxh9V_yhRd9RkcjX1TB6Q1CBb5wyjYL1y1Kj1GEA8ZLM6kncvr8W55mOr6Dp2osUxgdNY-cTRkMqr1O8_1qqrSjBB98Ck-RH0ZljbpKNKVv7B3-yRkG6k5GiM9aKlE_c3USVXUJocsGAF0dQ5vJ_ZYGwZLr5HpmzZ_nLP-I8ZQMlFVcO7u1BcWtcAxMv_KBrZ4FyoneMA1IV6iuDth1rO6HQcFJvBA6coALyyQUal5Cpp4yRlbEztx2dHv2W1i2Vs4m_7OYOBd_A-whXuZRlLsX1oP3oqkwiFDfQbyf3yv9pAQ77vuHT67JNQNkpxXJWOEsoHNmDGxm0dyy3p8oi682be_A5WoWDLnqYjoNBjFWh1JWMFrQ6HcxH_T1OZ9FjCZiOfKc33K_knnQa0qFuke3vSGO34FhgIA0q1JF8ASfFDo1SDHHW0VaV6zDL0l1T_lDO3VuY3ZKWj-TJlEctXKcoZwHbD53OLTINrKJh7swr90WAYA36z574R-8UyD2RQpPVwKMA9bofweFYB31v9zdCnFBt_nzJduWlwOuT-TXf4_OYRpWmbz5Cp56L26BT0F1oWXo03KDJuzRQc42qKh4uX1QGNOYhWsXoIj0yNj6Pm3j7O37GxlzSsz35qJPBPeViSgqu1kfhjxW3OZm34_4-8G_J9YzR84vAacecHdeYgNaX5Larbnwy3RalbyqItqOrX9mAJNKsihIs4O8ErKe3Ng47FzD5MDFwVD32Ph25hHxbNjlHAZnD179HpP0hTqIdGqLlUX04QvofG3Ao8GKLtL_XWK_y9oFfOLeMfqBLpk4WbMcmzHlsSPx-MuWPdwwUkGxLLp9DLhGJYbwI865dWZB7G1gURqorfUlLjEoYOFhMH058FRwiM98dYX1eh3P1f7JZYYYbGGtOV8TCvlPvIpmotYb6QLJ4gixdDnF4soYxg692b60CTlCTOB_3FK6VSTTpaYEsaBK_piUkELVUorVtLZeRanetpj8vbZ5ZQZvKXVbbkoWhopc6Q7xYyZrnJLDz8HBWAyMIbCjQPVrmhzcE0xxJ4LgrfMGTiwTRhV-CcZpZzPloh89YbEUc6GNHpB-8SqlDFMHf-47f_RPeSu9WK-ielJ61gIHF8ZJsu3T5gxQ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=1328212885567866600&adk=548554675&idt=222&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7407d52430657bba6899ca3ec53127c1053238e4a309c37817cc34826212cd16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36770
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1682689539297&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3dvcmRfcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MiwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwidXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJsb2dpZCI6IjBiMmIwYTYwLTM5ZTYtNGI2Zi1hODJhLTM0MmNmOGM0NzEyYSIsInVpZCI6IjEyM2EwNjBkZTVkMjVlYTQ5ODcxNjgyNjg5NTM3MDgyIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IkRhcGF0IFRlbGVwb24gdW50dWsgQ2VrIFN0YXR1cyBWYWtzaW5hc2kgQ292aWQtMTk%2FIEtlbWVua2VzIE1pbnRhIE1hc3lhcmFrYXQgV2FzcGFkYSBQZW5pcHVhbjogJ01vaG9uIERpYWJhaWthbiEnIiwidGRfdXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImhlYWx0aC5ncmlkLmlkIiwidGRfcGF0aCI6Ii9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsImNvbW1vbl9jYXRlZ29yeSI6IkhlYWx0aCIsImNhdGVnb3J5IjoiSEVBTFRIIE5FV1MgVE9EQVkiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.220.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-220-48.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 28 Apr 2023 13:45:39 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
logo.png
api.popin.cc/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:39 GMT
x-amz-version-id
null
Last-Modified
Tue, 02 Apr 2019 12:00:56 GMT
Server
nginx
ETag
"b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status
HIT from 10.252.55.25
Content-Type
image/png
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2316
Expires
Fri, 28 Apr 2023 14:45:39 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1682689539320&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoxMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoxMCwic21qYWQiOjAsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVhbHRoLmdyaWQuaWQiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsImxvZ2lkIjoiMGIyYjBhNjAtMzllNi00YjZmLWE4MmEtMzQyY2Y4YzQ3MTJhIiwidWlkIjoiMTIzYTA2MGRlNWQyNWVhNDk4NzE2ODI2ODk1MzcwODIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIyM2M5Yjc2Yi0xM2E0LTQwZGEtOGViNi04NjJhYjlkYTQ3OTMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiRGFwYXQgVGVsZXBvbiB1bnR1ayBDZWsgU3RhdHVzIFZha3NpbmFzaSBDb3ZpZC0xOT8gS2VtZW5rZXMgTWludGEgTWFzeWFyYWthdCBXYXNwYWRhIFBlbmlwdWFuOiAnTW9ob24gRGlhYmFpa2FuISciLCJ0ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVhbHRoLmdyaWQuaWQiLCJ0ZF9wYXRoIjoiL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwiY29tbW9uX2NhdGVnb3J5IjoiSGVhbHRoIiwiY2F0ZWdvcnkiOiJIRUFMVEggTkVXUyBUT0RBWSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.220.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-220-48.compute-1.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 28 Apr 2023 13:45:39 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
191586896b0f846d4c691a41232fa812.png
imageaws.popin.cc/ML/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/191586896b0f846d4c691a41232fa812.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6a44064eb80d0022edec5cc6e7348d55e7653a57b2a9286a19fa46b7e076c18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
jQY2b8tsb81D1vSHZ.gpNtulbpqwPBNn
Cross-Origin-Embedder-Policy
require-corp
X-Cache-Status
HIT from 10.252.43.46
x-amz-replication-status
REPLICA
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
26357
Last-Modified
Tue, 27 Dec 2022 11:22:34 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"191586896b0f846d4c691a41232fa812"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 13:45:40 GMT
30e4edb91e678bbc4f7b446c1292ea3e.png
imageaws.popin.cc/ML/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/30e4edb91e678bbc4f7b446c1292ea3e.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
29ae66060b7f121cc2e095a336002d02fde9e9b0f7f972dc251128f0e58540c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
xct24lQhHImWQzOvcGWC2yrEc2lewSWX
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.26
x-amz-replication-status
REPLICA
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
48081
Last-Modified
Wed, 26 Apr 2023 11:09:04 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"30e4edb91e678bbc4f7b446c1292ea3e"
Content-Type
image/png
Cache-Control
max-age=31536000, max-age=31536000
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 13:45:40 GMT
c13049044a8003031eb1c17174ae1801_160.jpg
imageaws.popin.cc/article/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/article/c13049044a8003031eb1c17174ae1801_160.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
c3b0bb86c444d3af0de2f344d5649f3dea22b78006ec660b8c57a9d3099ee1b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
iOM1G6i2eVTHyyXpfmuzasPZpMsqcvzG
Last-Modified
Sat, 10 Dec 2022 04:08:58 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"4a61f7086b5ecb398e69f7fefeb70e28"
X-Cache-Status
HIT from 10.252.43.46
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21878
Expires
Sat, 27 Apr 2024 13:45:40 GMT
10619eccbd59cf9517cf7aa3da046e79_160.jpg
imageaws.popin.cc/article/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/article/10619eccbd59cf9517cf7aa3da046e79_160.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
648f19750e1743a5b99b146aead04560a24cb778fa709d4fd524745ffbe0fe6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
a5W8dY1AWQQu02tAPMmMuu404D_Jdnf.
Last-Modified
Thu, 23 Jun 2022 08:46:46 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"013b3621fff1936782688499f8ec3b4e"
X-Cache-Status
HIT from 10.252.43.28
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28122
Expires
Sat, 27 Apr 2024 13:45:40 GMT
af263727a4f9289fb44c8afcb958ad7a_160.jpg
imageaws.popin.cc/article/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/article/af263727a4f9289fb44c8afcb958ad7a_160.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
35cda10301108a8fe6ef37fe10171f2b1362dc48b8c2a27cab1aeaff143fd430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
O_DqHlVrU4TA.VMIB9o0Ii.CdODwR.dW
Last-Modified
Mon, 14 Nov 2022 17:25:49 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"8f6536038fd13204073d0d7c246c3b64"
X-Cache-Status
HIT from 10.252.43.26
Content-Type
image/jpeg
Cache-Control
max-age=31536000, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16644
Expires
Sat, 27 Apr 2024 13:45:40 GMT
34ea5a92db8858e238310f4628f7d0fe_160.jpg
imageaws.popin.cc/article/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/article/34ea5a92db8858e238310f4628f7d0fe_160.jpg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
39dff9c036ea060f330b4fe5155a1c40c05dbe3c855cb570bbdf503a688a1de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
HqWnISBlVeUfQgk7.wtHVHTO8c3tuhdW
Last-Modified
Sat, 18 Feb 2023 08:55:05 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"d4da6547795471bd39786159de5494ad"
X-Cache-Status
HIT from 10.252.43.26
Content-Type
image/jpeg
Cache-Control
max-age=31536000, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20973
Expires
Sat, 27 Apr 2024 13:45:40 GMT
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwidXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ1aWQiOiIxMjNhMDYwZGU1ZDI1ZWE0OTg3MTY4MjY4OTUzNzA4MiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVhbHRoLmdyaWQuaWQiLCJ0ZF9wYXRoIjoiL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1682689539272
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
log.popin.cc/log/popin_ads/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3dvcmRfcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MiwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwidXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJsb2dpZCI6IjBiMmIwYTYwLTM5ZTYtNGI2Zi1hODJhLTM0MmNmOGM0NzEyYSIsInVpZCI6IjEyM2EwNjBkZTVkMjVlYTQ5ODcxNjgyNjg5NTM3MDgyIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IkRhcGF0IFRlbGVwb24gdW50dWsgQ2VrIFN0YXR1cyBWYWtzaW5hc2kgQ292aWQtMTk/IEtlbWVua2VzIE1pbnRhIE1hc3lhcmFrYXQgV2FzcGFkYSBQZW5pcHVhbjogJ01vaG9uIERpYWJhaWthbiEnIiwidGRfdXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImhlYWx0aC5ncmlkLmlkIiwidGRfcGF0aCI6Ii9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTIuMC41NjE1IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsImNvbW1vbl9jYXRlZ29yeSI6IkhlYWx0aCIsImNhdGVnb3J5IjoiSEVBTFRIIE5FV1MgVE9EQVkiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1682689539299
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&uid=123a060de5d25ea49871682689537082&type=pc_pv&nid=pc&media=health.grid.id&r5=ca_HEALTH%20NEWS%20TODAY&t=1682689539300&tz=id
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
last-modified
Thu, 16 Sep 2021 06:17:57 GMT
server
nginx
etag
"6142e195-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVhbHRoLmdyaWQuaWQiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsImxvZ2lkIjoiMGIyYjBhNjAtMzllNi00YjZmLWE4MmEtMzQyY2Y4YzQ3MTJhIiwidWlkIjoiMTIzYTA2MGRlNWQyNWVhNDk4NzE2ODI2ODk1MzcwODIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIyM2M5Yjc2Yi0xM2E0LTQwZGEtOGViNi04NjJhYjlkYTQ3OTMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiRGFwYXQgVGVsZXBvbiB1bnR1ayBDZWsgU3RhdHVzIFZha3NpbmFzaSBDb3ZpZC0xOT8gS2VtZW5rZXMgTWludGEgTWFzeWFyYWthdCBXYXNwYWRhIFBlbmlwdWFuOiAnTW9ob24gRGlhYmFpa2FuISciLCJ0ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVhbHRoLmdyaWQuaWQiLCJ0ZF9wYXRoIjoiL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwiY29tbW9uX2NhdGVnb3J5IjoiSGVhbHRoIiwiY2F0ZWdvcnkiOiJIRUFMVEggTkVXUyBUT0RBWSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1682689539300
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
other
inrecsys.popin.cc/PopinService/Logs/ 		0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIyM2M5Yjc2Yi0xM2E0LTQwZGEtOGViNi04NjJhYjlkYTQ3OTMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiRGFwYXQgVGVsZXBvbiB1bnR1ayBDZWsgU3RhdHVzIFZha3NpbmFzaSBDb3ZpZC0xOT8gS2VtZW5rZXMgTWludGEgTWFzeWFyYWthdCBXYXNwYWRhIFBlbmlwdWFuOiAnTW9ob24gRGlhYmFpa2FuISciLCJ0ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVhbHRoLmdyaWQuaWQiLCJ0ZF9wYXRoIjoiL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIxODUuMjEzLjE1NS4xNjYiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTEyLjAuNTYxNSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJkaXNoX2NvbW1vbl9jYXRlZ29yeSI6IkhlYWx0aCIsImtleSI6ImtleTE2ODI2ODk1MzcwODgiLCJub3ciOjE2ODI2ODk1MzkzMDEsImNsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsInVybCI6Imh0dHBzOi8vaGVhbHRoLmdyaWQuaWQvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwidWlkIjoiMTIzYTA2MGRlNWQyNWVhNDk4NzE2ODI2ODk1MzcwODIiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwiZGlzaF9jYXRlZ29yeSI6IkhFQUxUSCBORVdTIFRPREFZIiwiZGlzaF9kb21haW4iOiJoZWFsdGguZ3JpZC5pZCIsInZfZGlzaF9sYWJlbHMiOiJtZW5nYXRhc25hbWFrYW4sa2Vta29taW5mbyxtYXN5YXJha2F0LGJlbGFrYW5nYW4scGVuaXB1YW4sZGlhYmFpa2FuLHZha3NpbmFzaSxrZW1lbmtlcyxsaW5kdW5naSx0ZW50YW5nIiwidl9kaXNoX3RsYWJlbHMiOiJkYXBhdCB0ZWxlcG9uIHVudHVrIGNlayBzdGF0dXMgdmFrc2luYXNpIGNvdmlkLGtlbWVua2VzIG1pbnRhIG1hc3lhcmFrYXQgd2FzcGFkYSBwZW5pcHVhbixtb2hvbiBkaWFiYWlrYW4sMTkiLCJsb2dpZCI6IjBiMmIwYTYwLTM5ZTYtNGI2Zi1hODJhLTM0MmNmOGM0NzEyYSIsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkb21haW4iOiJoZWFsdGguZ3JpZC5pZCIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/plain
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&uid=&type=pc_channel_pv&nid=pc&media=health.grid.id&r5=ca_HEALTH%20NEWS%20TODAY|ch_standard_word_pc&t=1682689539312&tz=id
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
last-modified
Thu, 16 Sep 2021 06:17:57 GMT
server
nginx
etag
"6142e195-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF93b3JkX3BjIiwiZXhwZWN0ZWRfYWQiOjEsInJlbmRlcmVkX2FkIjoxLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlYWx0aC5ncmlkLmlkIiwidXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJsb2dpZCI6IjBiMmIwYTYwLTM5ZTYtNGI2Zi1hODJhLTM0MmNmOGM0NzEyYSIsInVpZCI6IjEyM2EwNjBkZTVkMjVlYTQ5ODcxNjgyNjg5NTM3MDgyIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IkRhcGF0IFRlbGVwb24gdW50dWsgQ2VrIFN0YXR1cyBWYWtzaW5hc2kgQ292aWQtMTk/IEtlbWVua2VzIE1pbnRhIE1hc3lhcmFrYXQgV2FzcGFkYSBQZW5pcHVhbjogJ01vaG9uIERpYWJhaWthbiEnIiwidGRfdXJsIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImhlYWx0aC5ncmlkLmlkIiwidGRfcGF0aCI6Ii9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTIuMC41NjE1IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsImNvbW1vbl9jYXRlZ29yeSI6IkhlYWx0aCIsImNhdGVnb3J5IjoiSEVBTFRIIE5FV1MgVE9EQVkiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1682689539312
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
log.popin.cc/log/popin_ads/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoyLCJyZXF1ZXN0X2FkIjoxMCwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjoxMCwic21qYWQiOjAsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVhbHRoLmdyaWQuaWQiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsImxvZ2lkIjoiMGIyYjBhNjAtMzllNi00YjZmLWE4MmEtMzQyY2Y4YzQ3MTJhIiwidWlkIjoiMTIzYTA2MGRlNWQyNWVhNDk4NzE2ODI2ODk1MzcwODIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIyM2M5Yjc2Yi0xM2E0LTQwZGEtOGViNi04NjJhYjlkYTQ3OTMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiRGFwYXQgVGVsZXBvbiB1bnR1ayBDZWsgU3RhdHVzIFZha3NpbmFzaSBDb3ZpZC0xOT8gS2VtZW5rZXMgTWludGEgTWFzeWFyYWthdCBXYXNwYWRhIFBlbmlwdWFuOiAnTW9ob24gRGlhYmFpa2FuISciLCJ0ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVhbHRoLmdyaWQuaWQiLCJ0ZF9wYXRoIjoiL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMjNjOWI3NmItMTNhNC00MGRhLThlYjYtODYyYWI5ZGE0NzkzIiwiY29tbW9uX2NhdGVnb3J5IjoiSGVhbHRoIiwiY2F0ZWdvcnkiOiJIRUFMVEggTkVXUyBUT0RBWSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1682689539321
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&uid=&type=pc_channel_pv&nid=pc&media=health.grid.id&r5=ca_HEALTH%20NEWS%20TODAY|ch_53_feed_with_sz_pc&t=1682689539340&tz=id
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
last-modified
Thu, 16 Sep 2021 06:17:57 GMT
server
nginx
etag
"6142e195-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6dHJ1ZSwiY2hhbm5lbF9pZCI6IjUzX2ZlZWRfd2l0aF9zel9wYyIsImV4cGVjdGVkX2FkIjo2LCJyZW5kZXJlZF9hZCI6MiwiYXBpX2hvc3QiOiJpZC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJoZWFsdGguZ3JpZC5pZCIsInVybCI6Imh0dHBzOi8vaGVhbHRoLmdyaWQuaWQvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwibG9naWQiOiIwYjJiMGE2MC0zOWU2LTRiNmYtYTgyYS0zNDJjZjhjNDcxMmEiLCJ1aWQiOiIxMjNhMDYwZGU1ZDI1ZWE0OTg3MTY4MjY4OTUzNzA4MiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjIzYzliNzZiLTEzYTQtNDBkYS04ZWI2LTg2MmFiOWRhNDc5MyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiJEYXBhdCBUZWxlcG9uIHVudHVrIENlayBTdGF0dXMgVmFrc2luYXNpIENvdmlkLTE5PyBLZW1lbmtlcyBNaW50YSBNYXN5YXJha2F0IFdhc3BhZGEgUGVuaXB1YW46ICdNb2hvbiBEaWFiYWlrYW4hJyIsInRkX3VybCI6Imh0dHBzOi8vaGVhbHRoLmdyaWQuaWQvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjEyMSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJoZWFsdGguZ3JpZC5pZCIsInRkX3BhdGgiOiIvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTEyLjAuNTYxNSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIyM2M5Yjc2Yi0xM2E0LTQwZGEtOGViNi04NjJhYjlkYTQ3OTMiLCJjb21tb25fY2F0ZWdvcnkiOiJIZWFsdGgiLCJjYXRlZ29yeSI6IkhFQUxUSCBORVdTIFRPREFZIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1682689539340
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-th&uid=123a060de5d25ea49871682689537082&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&t=1682689539340
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
last-modified
Thu, 16 Sep 2021 06:17:57 GMT
server
nginx
etag
"6142e195-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8925503433284&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8925503433284&version=m202301230201&ct=76&x=1&cor=18147356951416574000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 58E0 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCRMcN64ivYyiJQMAyRHPbuDYlnMNjAS1hpL-vLOfyEkFb2zpLBSstMBzoYJPHHRaEMomsJOgO9HiFwcgUPzdYua_3Kw5wPNIwy1XPFNkJjRYzjrw&cry=1&dbm_d=AKAmf-DD9ervDhTpDV0ZkyKZlAVaVJH6qsFHX6BGWxBNg3NUsiSPMywz2cQ-CXcbsiRE-nzTOIAhV0myt8aBwwp95Jmzw1IY5ZbXqpez7tBHguGgUrISDeVmfVfCiQnUXBGN-OYXFW6H1haMgB0LX60Cq_kvVPy39ilLxv_C_Sx70zIXEac7MlMgWRh6l0_p2cub6dODT2Ca34sxurP9ilRhNP11eWVJtvsNYi4cdRnmOFhOsGrhYcKWGcjaaZCadR0qtRb-gE4yzCNLoReie3-b4vtsnkYdAP7icR_LtvU10NIpQwezyYIrjZtnFNG5FdxTJ5bc1ipkNwvdtruXhcHMUDFhxb6cwT3-yoa51GsERmSK5m2nJ7XtEcHPaxK4HWRPx326kHK2ECCXdsp1CG0HyNFAT_LA1K2l61NnQraOb301hc6mKIhvfh4xa8iUFAmZ0NO0VoyIdL8VLNw4fOI0QKfqPBl5FSGjLmMssGSPCUl7GJtAhJ4xyBg8C_jgB8x_sV9Fu0fkMYibHG4dWqnRz0bqeRfdk1wgTt-qxZnoP1Ozd4iCO2xpbwMLKLkTc4Lu-ByjBywJEh-5M9TMTPJ5C21QiXOBL9izb7PvX1-_r1IiynmSG1w7sAm6eNEZadIdSfu3O9stYfaSckBbcn5xY15JLtck0YsSOtA3bes_sFZrxa1jVtE0VIbxxTrQ-xoalx98eFu8bGpgVQce3hvcU0TlGsclPJJfhwRvv_MpunyiIHMvV30BxLEFCtbFA16xnimgy26dVCEOWbqiU5rTEgdcqif_8uHTDhbz2tjfUEpBZehYbtOx6BRO4-E4l5sQUorzLnt16idz-I8IA_4wuCS4PDw-Yg-MXnpOq_uQhTBaaoMDo_MoYSIvbV_ilcv7xky1QCOCsFYo-tS1vzSbCAxjO7wGf4QoXYE-sSf1nU3er-Fq54gMOTCaSnxbg9AwimuEp52zLDFHxYteduSNPUSlARMhkimH4CRZtrpry5cqj8CzEcWKIds-trLAzw3VCPTSHIB8zxQHL73H5BZu3Yc1j612b2Ul4lV9Laadr9ypTrDOX3SQn5fIX4TugjHgUJpdM4XpGhQVuRHKMgIWMHHgtBmfxHjs5zSvR0xs8D0OKSDNDauGf_ikaVL5z9oFqCN3f8ggoVtuMmLruy3P2VEYXCyBdYnIOI7z5PhArLrOentqguP4hKUQdJUEdmJ2ErFmSSGP5mnVwlw_nU7IyAgEXquLC90-miOzjLGa5HGm6lDjzgGxrmXhBisJOMlHFWweHCM6CYvesj07R006VyzZuS5YB7QtSGl8cNyEMY_cidqV7dS6yl1zPDX7Hz96Xbde3UZUEVLgQ6pzJp_U-IcSsNsjNxP4Ojug4bMyhoSyiJup6LWquj0tNDi-97KfoRvM2xYnxfONklhplncdgAKGpuXqjX2a9c27-cr2Ipj97jupvkxXC4I5zHCBiUcq_3nytXmvAO0G709NzLq7u2WKOz31xaProKMM37W3El6a_8BEDmJLGCMkQ4JLUO2n_iPNPsE48oSo1ynBAzfFXH64Jy0QE0Y2P0W7fjqBCEeIIZg2BQ9dhp-a10MSOwvjYSLEBPftw1cLx5z4KoF4R6_Tzz0VLRnhv_ZNrXA6hh-XIwBST7Mpmbtgs0WdXvreon1CEHjPpLmsCRtOU9v-YfdCUJnuz3tBvskapty-rLlM8V1Ct4ooZCggcBdOGz03lEOqMN6sONIfVUHApVSosQxyShLmr4Zn_TBBAi6Pv4piSqNV6iEf5zRGUhSuvLdDsy9Svfj_i7UBmVidU09dsafa4fKBhDvYNpFG_B0rONYf3CQbrRhT80RFq5Dqa4mk8YbxnjayEFawhsGHE8VJt2ZUS4-nfc8U8Ax8eyH7-wIkKIWcETZ13xv5HV2nZlqSDd_tdQbdQkJjUOM31efb2wmUN2X5sy6duzjFdI3Z51IPQF6dyncdu_s4tmkyUMAyWfX_p1Lf-2q_YxLWdabiVqlE2JHv4fY4Rd1IybwJPYaW-z6UQezhtfejgXNgU3MTMmNtm5iIYxCa1MDu0mWAE26wH6ORuR1K2t2rVlNtbXAbKr_3mARHPFD1xFWNPZK59r9HhOUpVEcwasXJpjn947ttmaZ62eI3h8syVrTj46WR4T_cskxNx0BKRWCz1wr-5p5rua-TQ6KQ8udnEwpd9-SFkUFS2Yyn0sOs2r7CSSXqKY_b3WMHad_o1j3D_xIidly6IiUrYzhZDH8kuuTHcQ2A0DxEhY7FB5Sm_ozG4RnQdIwL8KfNj0N2s-4Txdu4g3b0BlVU_5EJZcn_OLUl5e3sZbgicHY5sXuiZ4oexF2RuXTZMHv3ocvTMWiHzjCGxytMCvQagx1Dh-2NfzWYCKxefllx8SlLYVS64rZQMHWrP3yFmMHYihJJhcHQEssMissWwLv0w7E6CBHT0N7x92A_NP3sZcHWPzyXxIEcgcmobxbcSHwB6oLp-GwEnJtuovDZgja9En2njwtNOLbGgTzkv8ya5L84aDj9JLYr-vxhUGn_2ghCrFTBrpxSjlN1g5ert-ZDSwW76Bsm9pYv70IpsTBHau9fkgTYVyFYxAfLxtVoUssmqvMeF43b1AIPM84cKoXqTFPZTKOErbaPwDlFpwrvzfPrwOxU5Ddvujg4-6O_vq58YqhrqtOvJDtYEFDMd5ETSlTzFZUBDOSJL7Da4DjlPPlL72yZJqsC0_oL5IyIJqo3-I4E8bOsbBf6Ay3GXcPqYOddzCTMX3u6MyNl48NXbutwkHK52axnjKWf05qKp7FthQmIEzSeegkbBTIBKHkq00McrTA7COooXGZEz0UJ6ya5Gh0gZPUhGIueOvLSJmm3VHsHrv7uuVe3MQcP8Dw_0Ph82eoOKyVMrykgtfkmd7rYmWhBhL4eYz6WA3XeGbpuxFN6mdSqFUBLBQKfJqUZJSlojgLdJBsVDkuIH3FooGywAAHJWiqLKxopYf1rS1jL0qD3N1kkro1DphKC66nQh_sE1wcGiAmDF6xw06vcWVSuaVFdIs1ycRT-r6h-ZAhAcvKDk78TGQb0R2YTZdi7lv-XKxhl6EkGsbgGaTP09_eg9HgF2fE4NtlNMT-JWugys4gyhHBVX0jSC7YelGRuXOtHgyvUQ9REXn5V7BYjlHPPBtA4fW-jl0c8mTlAVVUD9rqalCGtudDg80n3vYVKPYfmtCaUz4WdsOFBzoB86g2mdsosXIRo9Dpmin7GjueJAiBn74NP29uBxllurpyycdvvfQGELRMA4ynyVtR3movNvzZ8QATrfii3dLbn252zGI_9XJEPVe2hYhTecVyOpAUdrBFOgfAEjYcep-NiVAdE3Gd-HGFYZ7W1vDbCvBXAcJYcBCguNMyAGZI4QmjPyZVaG8hCenmCu6_iP8cLLiHB7lh8EGdEhHCzAPUQb6UPuAyr8HmwOw8ixvSd0w0QJz3H0Rwj6GYwnUhYKmMd_6p3wINex8ST7r1gbSsZwO61nyPtnZXAEV6cGs28HQ60GzY5-9ap8d-wXMV3PiKqOziggLqJMh4W47QtAm_QLxQnms4ILB5He_n6pXsLraRGWpbep1_c7SWx9odnelKCj4ytoaUn9xTGYtNAnvuUqZ9eGtG0FfyLRDnjBbh5joRsAKWAszFkFWTPnHN3VXUkEvVpPZIsrhMlK6JajICgk_n93QPybwXjVNLZYCm3PsmaEv4aDm5aIN4mJRoicFbMzu0p2OTLGdKGScQKQut_Y0Ka8MGY8dCOpBesl8WmxKFXpdW8F0Un3qL_AExHGSrcS2y9Ir2ruDvf-d3L7I61sr0aOxYerhegjxUDzi3n5Fwtpb3JV9dhjgZ-XgkdLhjBUA&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=18147356951416574000&adk=531095043&idt=261&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bbf6d07c92d485bba6c0adc32a03785eddc022a77eaaa73f450a137857bbc4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36795
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ Frame 0A3B 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
65347
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 19:36:32 GMT
td_js_sdk_171.js
api.popin.cc/ Frame BB45 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/grid_dfp_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:40 GMT
recommend
id.popin.cc/popin_discovery/ Frame BB45 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&&device=pc&media=grid_dfp_1&extra=windows&agency=dhp_id&topn=50&ad=10&r_category=all&country=id&redirect=true&uid=123a060de5d25ea49871682689537082&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTEyLjAuNTYxNSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ1c2VyX3RkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInVzZXJfdGRfcGF0aCI6Ii9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6ImhlYWx0aC5ncmlkLmlkIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY4MjY4OTUzOTgzNSwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&callback=_p6_990a2b3a9b43
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/grid_dfp_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
27101d3658a60be2ad7c9802e965507b68424dc45e1892bef386adb1094e60d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
Content-Encoding
gzip
Server
nginx/1.13.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
popin_discovery5-min.js
api.popin.cc/ Frame BB45 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/grid_dfp_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:40 GMT
x-amz-version-id
rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 06:45:28 GMT
Server
nginx
ETag
W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status
HIT from 10.252.55.26
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 28 Apr 2023 14:45:40 GMT
discoverylogs
log.popin.cc/log/popin_media/ Frame BB45 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoiaWQucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiZ3JpZF9kZnBfMSIsInVybCI6Imh0dHBzOi8vaGVhbHRoLmdyaWQuaWQvcmVhZC8zNTI5MDAwODIvZGFwYXQtdGVsZXBvbi11bnR1ay1jZWstc3RhdHVzLXZha3NpbmFzaS1jb3ZpZC0xOS1rZW1lbmtlcy1taW50YS1tYXN5YXJha2F0LXdhc3BhZGEtcGVuaXB1YW4tbW9ob24tZGlhYmFpa2FuIiwibG9jIjoiaHR0cHM6Ly9oZWFsdGguZ3JpZC5pZC9yZWFkLzM1MjkwMDA4Mi9kYXBhdC10ZWxlcG9uLXVudHVrLWNlay1zdGF0dXMtdmFrc2luYXNpLWNvdmlkLTE5LWtlbWVua2VzLW1pbnRhLW1hc3lhcmFrYXQtd2FzcGFkYS1wZW5pcHVhbi1tb2hvbi1kaWFiYWlrYW4iLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUifQ==&t=1682689539837
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ Frame BB45 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImdyaWRfZGZwXzEiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInVpZCI6IjEyM2EwNjBkZTVkMjVlYTQ5ODcxNjgyNjg5NTM3MDgyIiwidGRfdGl0bGUiOiIiLCJhYnRlc3QiOiJwYyIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYifQ==&t=1682689539843
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:39 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 69F4 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU3oRBbZHChm_wY23HpnuMSfIACnZ73Lvm5DNdNRamFuGpvg59mURdlQGzRjeMvJmQojMaL2aJ94Qf23QEJ-tNOfHgD6cMMXdv8BXYnpiTTLqVCqzwk2Zg3EmqFBSshLPL0-_HLxXrCzdtNXVYHkfVgkiVVuzlCoAZW7-dUz5vvPJdZnc&cry=1&dbm_d=AKAmf-BzSwuVpamvFpM9hwdcNIclUhWX1Bu6a-Q4YjcA6lAh2cy48Idm3LXXAqyfWUZPXi34M23QoJ0bcEHQRcDKmWrUXuFVDpcJaJuZP5Y13FMYj-EjrSPaSMVaVYFWfA3kvHcomADe17z9VC6VFCDO8MaY8WO7ZmvSQu16_0ZShRiPQYjmRtlnTeIcnwXdoNJgRJ27pR_cg5YqqfZkh7KoA0g8UjbTHvezrEZhT7Crt8LA_TRwdilg9X6PHk_FgnE4g9plDhBZ8saYEE-FkDlOwAhw9sFWw522Z8f9ikftfWy0_ENrvQFmGeiCOv83aiDBkOUbC68Tux1lDo4QtU1ixfWMoUCCGuQJRuRFIzTJ2EJXa8tAJOYMD80nubuIhZntiqsnS1g4IgvI77FjA-iDOzm96tgjw25jUck-f-Eaax9n8Hij4QINvB6TwVLCFwHCx4tTdYs28S84qKePhfuop6S1CeMUhhS68ZAjhqxMiNDYwX9uvewd1I1NUqzM-cHnhcJDssFjebigOw0rl8Cvyc88Nkr0sH-bd1cF0gcDrBTXx7KELR5m8engmbJDZO1-TI3wm58KznVEful-PmDHhZFFG73L_ob4WoogAgm-FizL8KDnexuSbZBfWUoUWXPKy2eUhgn0qeeIBXXQOBnJ0XkvfMIQEt_7r18ACZykvqP4-iOWTlEyHSF5BIKQ83rbGLqjwHXuzQPfEjCnUsajtQBNEUnqoBzaSIGILaUA7PVOy5LpRB-cpdV1mug6LIlARPHU1NN0_HDAmAnl3RuYMSS1Gi1EdyV4PuAFhfUzzClGeLX6QMJeM-LbPvk_TQewOa3R86LAm9f-xky4G2IKd4EQp3uUs_MLP4YnQxakYLHFjqcoabDLw1C1XjYTYGMt8c1zwmJWSuT91RKhgsD_NzKsF3kFdoeYz043GihCeIrcWQNp45FAqIsj1BpGYmjcT84EXuMYfptDM968H6V3uMWH66ym6JmPZRYOwKcxxQQaAOtsgjko5tsdTbWmUWLoQFIB1wBOvPmbF9iKqag6bZ8tUl-2GHuwM3upK8yioqFq24MWXsQjMn_7XCOi4ie2HZe_zUwzJly2lBh79UFk0wQIc555A1Jp9DeOBdeyT0ER8fYqEaQY-yn1RE8jgkNafvDAeX-DVnhd6XQdQIzuyMcvuLHjqBKHN81OseXni-HcelR8eSO32p7ys0yv5CyiSi5HcbEl8sQif6dd9jTnBlnn4yWMu-W-I_aTYUD4G6-3OY9gwB7GnX_DjCl2_tmyKG9v967YTBqk5ha6z5VnY0QvFtymlSEYeTrF24cM8UAqCzpJtzcuoFBOGxHQmPxUPz0vDhl7DDEpefqBwLGhfPeOscQKwHGfcVd1i4hM6Mbg_FulHUUDFj7d4ikDSg9yw8Q_s7xB7wp_NngRfR0RZgJLRoO-slrKfEa620cRjfelJHyV8Lv77XGu4WD7sQ0jvXs6iNESX2f-CZgkaPIRXfvsfNMVD1mfXhlzB0ec48xO_JE5D-WzmKjhKZuc8vZHhQiyBDIZXmW1sGUK05UkQp8CpDq5-VlNnCij9ZPOKVY6jganKjMtskwVFMoobrBPm3zVfvXZXyA449gzGX0n4mBOnQw7TVPL5xBMSdCjMzbsmWuzRJnf4x-KZadkCPFjEv5GkBwqDPaabvgfMIBBVszdi0Zls_dOG4xvrwpxCvUvBWxIdlRMNQu98Z0moR2iwLu7PM-B1qneeMBQYBwQ-UuVWIQx6StdZBjkb6W6ZsRmb7ip1wGVCd4gDEiqNGX5yP4RLeiA_Pxg5QKhJ-4mpfqgJGHKpGLDwUAk_vCpyuL6XqDmZAJTG3R2b5YXAXHbP_g5NfvVjF4CwnEXabIuhbrnXCFsNu25eOkPBYI6UTtylGyEDzLHAXcuXDm44Dxt6nAX2T4HkTtcPGYMEdZ1Cfpspq7gWfo5XJd-abl0Cv7fm5v5LN_GaWPm53_4VH1Gvzabg-UalzLQRed76T18v8AQQd29ac398QCtgFZEa8i_piCZ34elRoC6PVoO5WGYECUkzl7UW4Cw3bbBubF4rtzGVMlf2QwNtAEsLvKjBminqnV8sv7UlTr3jLryUw5Bs_6_M87BglO0-K4V2s_z2F_-muPjK3NDqeRxxewxbSz9PGEagkhn-9nliJsvFghkYvHp0ZwnmXbbQAeKVQsza9b9y1-X9xdVmdLIPuOKuS1TWQzbYefZr_ClHDAaW5c1OkYrVMptZqAqt9b2gfjnRRAvS2WWfD7Z7gEmccOWBGylVBDevH8vAoyJxXJnOjlHesmVYnTWwTFefL7l1giDg-pqzpopt_dNX7eY2CTDaX-KobLE2oIJ4-PU9OZBowLc6w7WUaqdRMoP4-Ra6JJwM91ghCOhPWlNzhW7EjGTjdO8CwkyMvhoD3y-In28whNYHN2Z2kU5dPmI0Q9xhh0dHO7Ql5Bb7WY1_gwuJq6E3cNPcpop7UiDmaLsicMHDBeBB3TiDVohqgguWQqPEaAHZkTBBJ0e7KN9MfQPK6t0oiGGYOiOUTbVw1NTZ95ljxPAQZNfn9ynxaHt5YX6NKw9qz0ry6hRUmJw1wiwO-BKu0zjg4wjXc1CvMyziAVp_3IV2gzfjmgdcEz6i77r1w6CieAQ_HYbupVfXeABdjPe_Nt9oFcK_FhctXvS5lNQ31_djNjF3k-oloc-BvTfziz6mbkGe5hCCKlYeh7dqPbxC6ZvrUc7om3MqGxzRhrFj4DnYShloxN-kQtWPucLtVO0Qq8_Lmek0l5HRD_4JRkX4zi6i60s39QNYph1cEGTsfMVm5px1LxQKofwViDhG4I-H4WMIAZfoQH_hvZiySCcVp-HNWO6PdZS57LTom8Q0I4-bk9AaPcRkpv9rzUPrdOFQ3ZTv5_RkceAmp6DFboeWG3pA0mNzCN4Zm5GNkbsaDMci9yrzpLC31YEzalCFaRD1-qHyN329kb7Theu5MDNvuMCBUL9mI32ah7euJwbvhiJ-W0XaDG56TSGH76WhQTJzzuqxRBqAUtpw90rG3MjLN2AlXoPBKNLwpQMxqWAEwnbVEsFpd83hNnfZiMxTYjxMe_2cXCGYY9-BpP7lf6fRD_WpxNmVFkznZgk6yrxrqLdgdUoMamgbY7zrb3XaMheRukHOVa6Axu4K_SSNAWJYQ86wb35OvTuBGnKNgzH15U0hgsJ6jzYMYLGEUJ-ZPl908qji_Svb6qypsL4oxDe3gtuBTWfhBB944CFElf7qgDvFkLYGeDwT6Ohz8_5qs7qBDjnLV8uILEhEVVn8PzVRtXEU8J_d5eXKzQ_F7RaqVriUdVZy5t0a1wgmOEAo71q2CM61p6hxICFOS3j9hQNsb3cDhljnVfE3qr09i0rPqDTua8zLsn2c8dMRB1A08PJ1v6ixyCDx0_mih7Lk6jYKHfkKPXFiHOVnOP0N94J2k8-CwzZJ8ZM8W2hqC6g4eTh9lu7jpRCSIPukGXilfQRtzCawQHEz80H4RQQabmzyIj75xs2G0yoeKJLpehcbck19Cumc62tj88YdoVs2WQnNpT0nUrrCYMbTVsQE35rIWFtuIjGAUTU&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4042712434472144400&adk=943508955&idt=225&cac=0&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 69F4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU3oRBbZHChm_wY23HpnuMSfIACnZ73Lvm5DNdNRamFuGpvg59mURdlQGzRjeMvJmQojMaL2aJ94Qf23QEJ-tNOfHgD6cMMXdv8BXYnpiTTLqVCqzwk2Zg3EmqFBSshLPL0-_HLxXrCzdtNXVYHkfVgkiVVuzlCoAZW7-dUz5vvPJdZnc&cry=1&dbm_d=AKAmf-BzSwuVpamvFpM9hwdcNIclUhWX1Bu6a-Q4YjcA6lAh2cy48Idm3LXXAqyfWUZPXi34M23QoJ0bcEHQRcDKmWrUXuFVDpcJaJuZP5Y13FMYj-EjrSPaSMVaVYFWfA3kvHcomADe17z9VC6VFCDO8MaY8WO7ZmvSQu16_0ZShRiPQYjmRtlnTeIcnwXdoNJgRJ27pR_cg5YqqfZkh7KoA0g8UjbTHvezrEZhT7Crt8LA_TRwdilg9X6PHk_FgnE4g9plDhBZ8saYEE-FkDlOwAhw9sFWw522Z8f9ikftfWy0_ENrvQFmGeiCOv83aiDBkOUbC68Tux1lDo4QtU1ixfWMoUCCGuQJRuRFIzTJ2EJXa8tAJOYMD80nubuIhZntiqsnS1g4IgvI77FjA-iDOzm96tgjw25jUck-f-Eaax9n8Hij4QINvB6TwVLCFwHCx4tTdYs28S84qKePhfuop6S1CeMUhhS68ZAjhqxMiNDYwX9uvewd1I1NUqzM-cHnhcJDssFjebigOw0rl8Cvyc88Nkr0sH-bd1cF0gcDrBTXx7KELR5m8engmbJDZO1-TI3wm58KznVEful-PmDHhZFFG73L_ob4WoogAgm-FizL8KDnexuSbZBfWUoUWXPKy2eUhgn0qeeIBXXQOBnJ0XkvfMIQEt_7r18ACZykvqP4-iOWTlEyHSF5BIKQ83rbGLqjwHXuzQPfEjCnUsajtQBNEUnqoBzaSIGILaUA7PVOy5LpRB-cpdV1mug6LIlARPHU1NN0_HDAmAnl3RuYMSS1Gi1EdyV4PuAFhfUzzClGeLX6QMJeM-LbPvk_TQewOa3R86LAm9f-xky4G2IKd4EQp3uUs_MLP4YnQxakYLHFjqcoabDLw1C1XjYTYGMt8c1zwmJWSuT91RKhgsD_NzKsF3kFdoeYz043GihCeIrcWQNp45FAqIsj1BpGYmjcT84EXuMYfptDM968H6V3uMWH66ym6JmPZRYOwKcxxQQaAOtsgjko5tsdTbWmUWLoQFIB1wBOvPmbF9iKqag6bZ8tUl-2GHuwM3upK8yioqFq24MWXsQjMn_7XCOi4ie2HZe_zUwzJly2lBh79UFk0wQIc555A1Jp9DeOBdeyT0ER8fYqEaQY-yn1RE8jgkNafvDAeX-DVnhd6XQdQIzuyMcvuLHjqBKHN81OseXni-HcelR8eSO32p7ys0yv5CyiSi5HcbEl8sQif6dd9jTnBlnn4yWMu-W-I_aTYUD4G6-3OY9gwB7GnX_DjCl2_tmyKG9v967YTBqk5ha6z5VnY0QvFtymlSEYeTrF24cM8UAqCzpJtzcuoFBOGxHQmPxUPz0vDhl7DDEpefqBwLGhfPeOscQKwHGfcVd1i4hM6Mbg_FulHUUDFj7d4ikDSg9yw8Q_s7xB7wp_NngRfR0RZgJLRoO-slrKfEa620cRjfelJHyV8Lv77XGu4WD7sQ0jvXs6iNESX2f-CZgkaPIRXfvsfNMVD1mfXhlzB0ec48xO_JE5D-WzmKjhKZuc8vZHhQiyBDIZXmW1sGUK05UkQp8CpDq5-VlNnCij9ZPOKVY6jganKjMtskwVFMoobrBPm3zVfvXZXyA449gzGX0n4mBOnQw7TVPL5xBMSdCjMzbsmWuzRJnf4x-KZadkCPFjEv5GkBwqDPaabvgfMIBBVszdi0Zls_dOG4xvrwpxCvUvBWxIdlRMNQu98Z0moR2iwLu7PM-B1qneeMBQYBwQ-UuVWIQx6StdZBjkb6W6ZsRmb7ip1wGVCd4gDEiqNGX5yP4RLeiA_Pxg5QKhJ-4mpfqgJGHKpGLDwUAk_vCpyuL6XqDmZAJTG3R2b5YXAXHbP_g5NfvVjF4CwnEXabIuhbrnXCFsNu25eOkPBYI6UTtylGyEDzLHAXcuXDm44Dxt6nAX2T4HkTtcPGYMEdZ1Cfpspq7gWfo5XJd-abl0Cv7fm5v5LN_GaWPm53_4VH1Gvzabg-UalzLQRed76T18v8AQQd29ac398QCtgFZEa8i_piCZ34elRoC6PVoO5WGYECUkzl7UW4Cw3bbBubF4rtzGVMlf2QwNtAEsLvKjBminqnV8sv7UlTr3jLryUw5Bs_6_M87BglO0-K4V2s_z2F_-muPjK3NDqeRxxewxbSz9PGEagkhn-9nliJsvFghkYvHp0ZwnmXbbQAeKVQsza9b9y1-X9xdVmdLIPuOKuS1TWQzbYefZr_ClHDAaW5c1OkYrVMptZqAqt9b2gfjnRRAvS2WWfD7Z7gEmccOWBGylVBDevH8vAoyJxXJnOjlHesmVYnTWwTFefL7l1giDg-pqzpopt_dNX7eY2CTDaX-KobLE2oIJ4-PU9OZBowLc6w7WUaqdRMoP4-Ra6JJwM91ghCOhPWlNzhW7EjGTjdO8CwkyMvhoD3y-In28whNYHN2Z2kU5dPmI0Q9xhh0dHO7Ql5Bb7WY1_gwuJq6E3cNPcpop7UiDmaLsicMHDBeBB3TiDVohqgguWQqPEaAHZkTBBJ0e7KN9MfQPK6t0oiGGYOiOUTbVw1NTZ95ljxPAQZNfn9ynxaHt5YX6NKw9qz0ry6hRUmJw1wiwO-BKu0zjg4wjXc1CvMyziAVp_3IV2gzfjmgdcEz6i77r1w6CieAQ_HYbupVfXeABdjPe_Nt9oFcK_FhctXvS5lNQ31_djNjF3k-oloc-BvTfziz6mbkGe5hCCKlYeh7dqPbxC6ZvrUc7om3MqGxzRhrFj4DnYShloxN-kQtWPucLtVO0Qq8_Lmek0l5HRD_4JRkX4zi6i60s39QNYph1cEGTsfMVm5px1LxQKofwViDhG4I-H4WMIAZfoQH_hvZiySCcVp-HNWO6PdZS57LTom8Q0I4-bk9AaPcRkpv9rzUPrdOFQ3ZTv5_RkceAmp6DFboeWG3pA0mNzCN4Zm5GNkbsaDMci9yrzpLC31YEzalCFaRD1-qHyN329kb7Theu5MDNvuMCBUL9mI32ah7euJwbvhiJ-W0XaDG56TSGH76WhQTJzzuqxRBqAUtpw90rG3MjLN2AlXoPBKNLwpQMxqWAEwnbVEsFpd83hNnfZiMxTYjxMe_2cXCGYY9-BpP7lf6fRD_WpxNmVFkznZgk6yrxrqLdgdUoMamgbY7zrb3XaMheRukHOVa6Axu4K_SSNAWJYQ86wb35OvTuBGnKNgzH15U0hgsJ6jzYMYLGEUJ-ZPl908qji_Svb6qypsL4oxDe3gtuBTWfhBB944CFElf7qgDvFkLYGeDwT6Ohz8_5qs7qBDjnLV8uILEhEVVn8PzVRtXEU8J_d5eXKzQ_F7RaqVriUdVZy5t0a1wgmOEAo71q2CM61p6hxICFOS3j9hQNsb3cDhljnVfE3qr09i0rPqDTua8zLsn2c8dMRB1A08PJ1v6ixyCDx0_mih7Lk6jYKHfkKPXFiHOVnOP0N94J2k8-CwzZJ8ZM8W2hqC6g4eTh9lu7jpRCSIPukGXilfQRtzCawQHEz80H4RQQabmzyIj75xs2G0yoeKJLpehcbck19Cumc62tj88YdoVs2WQnNpT0nUrrCYMbTVsQE35rIWFtuIjGAUTU&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4042712434472144400&adk=943508955&idt=225&cac=0&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8FBF 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 8FBF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO02-6NvbIdROsc10UJBJDg1_E_dttED2K3XRqfUbhic-nfU1dADVh9mxPuIZTifONd5gMIGKqMcZpYPF0u-a56SlDp9bWh6TAVqw1Stkw8YTKR2hhsck-O8AzYqCp0QzwIIw0uWgcF_08Yrdyz5_WN-ZAFXsM3RDOJn-V2aufgXPZUuQ&dbm_d=AKAmf-CicySAJhdyblkCdRnl2-8q-e1ZrhaUGKz4lY2_iN5wGbDOwpEaWqxFOT4TCtXeRtgLe905QyY9wD5sn1hAC2BOgwJ6TUYM77YuJLf71wwjroQGFQLn9EfJ-KbQmBkG192C_zyqOi6wM5BcIsa0WwrJI01CnPpu2tk6C1oWGSz6l0Q05KAqpy_edkkyEcgiz5Y7NADjrGZYIFW7nKqavKFt52YuQOGZuCTy6lO_DXNhZWGr1I77h4gQ8UdTz5Twz3jEAIiSf3dm54xUTPmBmDupk22ylQoGGqJwFZWhLUuqZmUd6kLNx27xZg0MMXRza9yIzcFg_2fkg-pw4QeJtwxBnDKiKgHnRCYrsHIjfeo24k6uMuvd5JCTAJWd7Xlze4TbL4_RIUdNoYcVRAcQMwo-H5P4-B_4ZXTOraooblD3-Ynn6-MK-2YqNBLEF_H5rcEMnUWFbgTnGBQLhE3QaEvp01208k7ArspECI1rfcyGxyk2TyAM3bOu_Pptip1MqV6XJ0kkT6UDLy5QUB4-NK2ZMIt-r7MSN72HrGZaKCV7UzKcR_Ws2IZtexHETKQzTHnbx6pOfyD2-h-0E1fmiBTL5i0Q-JHYbKjLvb4-0BzsbXeBZ8z8FmOpt5iIfaLAZZ1mUsbzabva7fwU5gaT5tIuSsJY9EVdyRZd9evAYoj65nT4ZgeFERTMXCI0tZ3UVi4KqXE2M4uv0R8WRaEUiUcdmF86AT_76Uz6zm2-aSR79i7xvjHWkNfO1JPm3eTq1tqjLL2JxIfjcoOjm0k8XG7M6eEKR0OB0cc49Kq-Kx0BVe3kD6U9YiDyHlIiwRg9LBeOWJJvRMndQCXMlf-zci2RtydV3GKAK1L_zfus2Kolo56rLPm8tkrIXtc81swD5Ky908REROk9Diox8s-WX7Fuy7DrBVBH4jZjBDNXUp5kYBcokkxLCWGvc1pstptYdPOhE2Iv1XAPw-LgPJwamHMvJctgoeLby3iNlqB2eNK7PTsKoJIsPMN-CFqgteSO_SA4o6WYIBXU6ixKcKeGHJg2f60NtGK_u6vdAa3WzlTljmo5lHcOBX-qMOpUaTEXnlx_IC30bRBfDzuG5NMRi-a44yn99ysx0cSsmDzqQAx_PE-QwbjVnlMhj1FkcD9FEF-l9fJcbNN8L15A5gUUZntWSjkqvqJKGX9qWzDNDLBQtFffUQxxznO21CiFGi4mUpNBuAJyRjAX45iyFCJxmrkTjB_HRLvWYYK0iSINxefDKIQfw_OPGaRw14LC-0k6e3yUNgi5N_42cuuJO9lURiZ_Z4RPB66CwuHqMd6BSias9R31dzvc6fzHlEzJ5KRZgZ96pguy_uXewdhIQz7heImjbqRaIPQbW5cBjSOGpQd1dgpe6_eUjt4P48LzcZwo-v0yF2XptBQsNRRjZrgsDkA1UU3iFtYca3k0kBhKKekad0gVJHZhvBWtE5Wdobxuh-zZNsiYWOTKISrFXXbAoSZn4yZL-HskbdTVZwgXqCUUpFJKntMjG2TQifq_Hj_vhkOWx_aS7fmeBTvom5uLoBq_rD5UFFepfnBxzKLBTex7ixmjklB2CKwdr_uKmB0oF7ID21yqh7HoQeFLDdo48KPo9ubR-9XJKxNN8ZEAgU2joeorcrV-bUCnthOpowzO3ZnoSC2ch1NjYS9XOdsalIrletZi_I_KHaRE8ySQdTEopOzfTfCqhA4MDfLm6KZyTMk8555CF9Ko_YRIwGqKVe4yoHho_doMOn8fWy_v_QGht57BHzp0CZHaVt95bKI9Bol6u6e7EVRijX-X1zF74ic3iO9HpdYr09jojQ713uahI-l1e115y8E_eo0kDRNl1eK2SkREoR4EckXui-OT1h0FRqTDdau1T_rfzIsyrkiqUQ1l7KW32P_6qCtJr_J7wlDDKjuR2Z-Ho8tjTpia96rHcuakd1Up4In0ClW3cMmjQTN4P7w5X0OnGX-eS8OQoCuyz_sv6vPkKdKiwUtV2TzrtG1Ka38AI9QhQ6wadHWuATOnt5YQbbA407VzPpYqXxiu557TAWOKR1HdMfwmNZvYhBpckhioDRcamxkRrhIfmpnq7RoOFaS-7NKKlOg9OaWqfyA7oKkou3ObGcCk2W3a_bk23PKHei3PzVbXJNcOVP1Sy6HyT086H5WRD4JRvBOyZ4VGvEpeXP7_LIVLp3W934LgLByg4sKwDFHIb53mDHggVX1vHtt9Z5Du3-t1_82Z7wBSnkMw15lPewxTmkMsg3mC-rdkee2jAM4-Juo2feSjcCBm7_NP1SnMZVOKz3gQ22ryHc-7r_fnwE9RE0kj2-ymfBpn5jPa6UulHnm9Kde3KRbYDXTrG_089L7vacXyLgaXgdhk__bmN4uIPQdBrjCYumAwKRcgCjO2-5jdVz30Heh9nkedpeS4wbYN08FhXP1374mqpCFinBCzoEuJ6cMIxe8LFUBaV3ouRBabKVqxlxJLoR6Mxz7imcfTNlT2XAlWgot9IwAaqAgTJNYKF_37g5Z8QZyOs_29QK7fsZtjsUk6ZAohxn_84zsPbW14krjiAi3rRx14fdFJKzTEZmLJmWnjOgCAhS4neKbpTJ8QBmBNtoJ7VXSHG4mMjDBcI6XcAWeqIWAHNEZHJJHRuxaJrd0Bav3fICYOHT4ZXG7ppMRKrvU7faCB4nkeqp1Scn9mUkYDU-gv6m4OKE_BaAeh0QvO-J5WRVchCz44RSCg6iUGl23GQlisDh9Pjq7koSC14lW4QtNjbB0oI35FI-YnSYSA3jcUNYq0lIimjvAB5t_4AM4ohSIKIt8nRZwDifas_F5MTGzGnQ4PtbfI21IFsJYxZSnEMC-NoQCwO1cqdXx_wXIV1jF8caklf3lYDVJcHcSl0DXlfP8FdnPY7_0G3m3wyck21Q_LUSIE7fo4J0XHK3oMPkv1EIj3jDjF2abzZZEFUK795S6fRfUzbsIpDHgedcUy9Rfv1RGsBOS5PNshb5dcebaWQoWjfxdQ5GNsaGQykvGiCM3hvl37NIwKzNRs6LER9znSKx73luA7DaV7KSUjHGPdB0tSEkgzFet5pzf8xHKGO9VP0hPxD_I9SeIL4Vzav_mEpfeQxNhzzPkcxAQXQfHLVQfOhd87rSrEBc39aeOfGfzpW0rLqKgr--mt-QaFrDREMxaoJC1r6aYo4wY1ZOaTAeDpEZurOicZe7s52-FLOUoDUDIOL7ibSu32kio9zktPus4vsN9ewVWXMyf-3kS2SD683EeRVJOH-CbCS8sU8yif-BqD5MNqG686jIbLcS2FjpYubtWgQBFG_Hr-FCBCVaPFc3fAsi7vjwEP3Ca7VdzeirzVu4kWGk7j66QOI_loGHnWVv4dEmjYVdneUk9eApnsmIFUYvQkOuIcrfkYhxP4vqX1V9AhbNUd56FVJ-vH6bDoev-FnE9CODuORw7UbyHKZLw5hzzlo-Mpt8DC_bkK6Z9DXh98O0Xqrn8HSXxFzzFExx7WZQKChjMKYYEhInvvV9tf30zx4xAPKe2iv-EHOAKJo7fW5A2xBUENdq_oqSBrdWvvNIuqsXf1MP2ZYXgp6aM8_fjgDDfVsKM2Cmo56lLAkxrcqbXjM87LGz3IEuAfuObNdixCKdu_LHPzxZqtz8zqZlZURqh--NF7UnflPBnfZnwbGkhfIX0cmPT2KRdyTJMrdBQKHXBRdyjrx4d7tEDrS6dJ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=11531820878333293000&adk=3944675600&idt=230&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 8FBF 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO02-6NvbIdROsc10UJBJDg1_E_dttED2K3XRqfUbhic-nfU1dADVh9mxPuIZTifONd5gMIGKqMcZpYPF0u-a56SlDp9bWh6TAVqw1Stkw8YTKR2hhsck-O8AzYqCp0QzwIIw0uWgcF_08Yrdyz5_WN-ZAFXsM3RDOJn-V2aufgXPZUuQ&dbm_d=AKAmf-CicySAJhdyblkCdRnl2-8q-e1ZrhaUGKz4lY2_iN5wGbDOwpEaWqxFOT4TCtXeRtgLe905QyY9wD5sn1hAC2BOgwJ6TUYM77YuJLf71wwjroQGFQLn9EfJ-KbQmBkG192C_zyqOi6wM5BcIsa0WwrJI01CnPpu2tk6C1oWGSz6l0Q05KAqpy_edkkyEcgiz5Y7NADjrGZYIFW7nKqavKFt52YuQOGZuCTy6lO_DXNhZWGr1I77h4gQ8UdTz5Twz3jEAIiSf3dm54xUTPmBmDupk22ylQoGGqJwFZWhLUuqZmUd6kLNx27xZg0MMXRza9yIzcFg_2fkg-pw4QeJtwxBnDKiKgHnRCYrsHIjfeo24k6uMuvd5JCTAJWd7Xlze4TbL4_RIUdNoYcVRAcQMwo-H5P4-B_4ZXTOraooblD3-Ynn6-MK-2YqNBLEF_H5rcEMnUWFbgTnGBQLhE3QaEvp01208k7ArspECI1rfcyGxyk2TyAM3bOu_Pptip1MqV6XJ0kkT6UDLy5QUB4-NK2ZMIt-r7MSN72HrGZaKCV7UzKcR_Ws2IZtexHETKQzTHnbx6pOfyD2-h-0E1fmiBTL5i0Q-JHYbKjLvb4-0BzsbXeBZ8z8FmOpt5iIfaLAZZ1mUsbzabva7fwU5gaT5tIuSsJY9EVdyRZd9evAYoj65nT4ZgeFERTMXCI0tZ3UVi4KqXE2M4uv0R8WRaEUiUcdmF86AT_76Uz6zm2-aSR79i7xvjHWkNfO1JPm3eTq1tqjLL2JxIfjcoOjm0k8XG7M6eEKR0OB0cc49Kq-Kx0BVe3kD6U9YiDyHlIiwRg9LBeOWJJvRMndQCXMlf-zci2RtydV3GKAK1L_zfus2Kolo56rLPm8tkrIXtc81swD5Ky908REROk9Diox8s-WX7Fuy7DrBVBH4jZjBDNXUp5kYBcokkxLCWGvc1pstptYdPOhE2Iv1XAPw-LgPJwamHMvJctgoeLby3iNlqB2eNK7PTsKoJIsPMN-CFqgteSO_SA4o6WYIBXU6ixKcKeGHJg2f60NtGK_u6vdAa3WzlTljmo5lHcOBX-qMOpUaTEXnlx_IC30bRBfDzuG5NMRi-a44yn99ysx0cSsmDzqQAx_PE-QwbjVnlMhj1FkcD9FEF-l9fJcbNN8L15A5gUUZntWSjkqvqJKGX9qWzDNDLBQtFffUQxxznO21CiFGi4mUpNBuAJyRjAX45iyFCJxmrkTjB_HRLvWYYK0iSINxefDKIQfw_OPGaRw14LC-0k6e3yUNgi5N_42cuuJO9lURiZ_Z4RPB66CwuHqMd6BSias9R31dzvc6fzHlEzJ5KRZgZ96pguy_uXewdhIQz7heImjbqRaIPQbW5cBjSOGpQd1dgpe6_eUjt4P48LzcZwo-v0yF2XptBQsNRRjZrgsDkA1UU3iFtYca3k0kBhKKekad0gVJHZhvBWtE5Wdobxuh-zZNsiYWOTKISrFXXbAoSZn4yZL-HskbdTVZwgXqCUUpFJKntMjG2TQifq_Hj_vhkOWx_aS7fmeBTvom5uLoBq_rD5UFFepfnBxzKLBTex7ixmjklB2CKwdr_uKmB0oF7ID21yqh7HoQeFLDdo48KPo9ubR-9XJKxNN8ZEAgU2joeorcrV-bUCnthOpowzO3ZnoSC2ch1NjYS9XOdsalIrletZi_I_KHaRE8ySQdTEopOzfTfCqhA4MDfLm6KZyTMk8555CF9Ko_YRIwGqKVe4yoHho_doMOn8fWy_v_QGht57BHzp0CZHaVt95bKI9Bol6u6e7EVRijX-X1zF74ic3iO9HpdYr09jojQ713uahI-l1e115y8E_eo0kDRNl1eK2SkREoR4EckXui-OT1h0FRqTDdau1T_rfzIsyrkiqUQ1l7KW32P_6qCtJr_J7wlDDKjuR2Z-Ho8tjTpia96rHcuakd1Up4In0ClW3cMmjQTN4P7w5X0OnGX-eS8OQoCuyz_sv6vPkKdKiwUtV2TzrtG1Ka38AI9QhQ6wadHWuATOnt5YQbbA407VzPpYqXxiu557TAWOKR1HdMfwmNZvYhBpckhioDRcamxkRrhIfmpnq7RoOFaS-7NKKlOg9OaWqfyA7oKkou3ObGcCk2W3a_bk23PKHei3PzVbXJNcOVP1Sy6HyT086H5WRD4JRvBOyZ4VGvEpeXP7_LIVLp3W934LgLByg4sKwDFHIb53mDHggVX1vHtt9Z5Du3-t1_82Z7wBSnkMw15lPewxTmkMsg3mC-rdkee2jAM4-Juo2feSjcCBm7_NP1SnMZVOKz3gQ22ryHc-7r_fnwE9RE0kj2-ymfBpn5jPa6UulHnm9Kde3KRbYDXTrG_089L7vacXyLgaXgdhk__bmN4uIPQdBrjCYumAwKRcgCjO2-5jdVz30Heh9nkedpeS4wbYN08FhXP1374mqpCFinBCzoEuJ6cMIxe8LFUBaV3ouRBabKVqxlxJLoR6Mxz7imcfTNlT2XAlWgot9IwAaqAgTJNYKF_37g5Z8QZyOs_29QK7fsZtjsUk6ZAohxn_84zsPbW14krjiAi3rRx14fdFJKzTEZmLJmWnjOgCAhS4neKbpTJ8QBmBNtoJ7VXSHG4mMjDBcI6XcAWeqIWAHNEZHJJHRuxaJrd0Bav3fICYOHT4ZXG7ppMRKrvU7faCB4nkeqp1Scn9mUkYDU-gv6m4OKE_BaAeh0QvO-J5WRVchCz44RSCg6iUGl23GQlisDh9Pjq7koSC14lW4QtNjbB0oI35FI-YnSYSA3jcUNYq0lIimjvAB5t_4AM4ohSIKIt8nRZwDifas_F5MTGzGnQ4PtbfI21IFsJYxZSnEMC-NoQCwO1cqdXx_wXIV1jF8caklf3lYDVJcHcSl0DXlfP8FdnPY7_0G3m3wyck21Q_LUSIE7fo4J0XHK3oMPkv1EIj3jDjF2abzZZEFUK795S6fRfUzbsIpDHgedcUy9Rfv1RGsBOS5PNshb5dcebaWQoWjfxdQ5GNsaGQykvGiCM3hvl37NIwKzNRs6LER9znSKx73luA7DaV7KSUjHGPdB0tSEkgzFet5pzf8xHKGO9VP0hPxD_I9SeIL4Vzav_mEpfeQxNhzzPkcxAQXQfHLVQfOhd87rSrEBc39aeOfGfzpW0rLqKgr--mt-QaFrDREMxaoJC1r6aYo4wY1ZOaTAeDpEZurOicZe7s52-FLOUoDUDIOL7ibSu32kio9zktPus4vsN9ewVWXMyf-3kS2SD683EeRVJOH-CbCS8sU8yif-BqD5MNqG686jIbLcS2FjpYubtWgQBFG_Hr-FCBCVaPFc3fAsi7vjwEP3Ca7VdzeirzVu4kWGk7j66QOI_loGHnWVv4dEmjYVdneUk9eApnsmIFUYvQkOuIcrfkYhxP4vqX1V9AhbNUd56FVJ-vH6bDoev-FnE9CODuORw7UbyHKZLw5hzzlo-Mpt8DC_bkK6Z9DXh98O0Xqrn8HSXxFzzFExx7WZQKChjMKYYEhInvvV9tf30zx4xAPKe2iv-EHOAKJo7fW5A2xBUENdq_oqSBrdWvvNIuqsXf1MP2ZYXgp6aM8_fjgDDfVsKM2Cmo56lLAkxrcqbXjM87LGz3IEuAfuObNdixCKdu_LHPzxZqtz8zqZlZURqh--NF7UnflPBnfZnwbGkhfIX0cmPT2KRdyTJMrdBQKHXBRdyjrx4d7tEDrS6dJ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=11531820878333293000&adk=3944675600&idt=230&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-44BZGBH5PG&gtm=45je34q0&_p=1322728739&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=scroll&epn.percent_scrolled=90&_et=19
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44BZGBH5PG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DEHFJ8M3W4&gtm=45je34q0&_p=1322728739&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=scroll&epn.percent_scrolled=90&_et=92
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JL4WNPXLQ8&gtm=45je34q0&_p=1322728739&cid=48352262.1682689534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682689534&sct=1&seg=0&dl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&dt=Dapat%20Telepon%20untuk%20Cek%20Status%20Vaksinasi%20Covid-19%3F%20Kemenkes%20Minta%20Masyarakat%20Waspada%20Penipuan%3A%20%27Mohon%20Diabaikan!%27%20-%20Grid%20Health&en=scroll&ep.ArtikellD=2900082&ep.Author=Nikita%20Yulia%20Ferdiaz&ep.AuthorID=8455&ep.Editor=Gazali%20Solahuddin&ep.EditorID=164&ep.TotalWords=332&ep.Category=Health%20Update&ep.PublishedDate=2021-09-20%2014%3A30%3A00&ep.SiteName=Grid%20Health&ep.SitelD=35&ep.ArtikelSource=&ep.SubCategory=Health%20News%20Today&ep.ArtikelTag=telepon%2Ckemenkes%2Cpenipuan%2Cwaspada%2Ckementerian%20kesehatan%2Choaks%2Cvaksin%20Covid-19%2Cvaksinasi%20Covid-19%2Cstatus%20vaksinasi%20Covid-19&ep.ArtikelType=Standard&ep.ArtikelTitle=Standard&ep.Lipsus=&ep.Lipsus%20ID=&epn.percent_scrolled=90&_et=35
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A864 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame A864 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKo3M0LYnPzslVHxlmWyfzEIMJhT82cWxhTICZ55QasCPLJcGjyhkBKF3S0YF12FDmLqfXA8M6QtqZ3iOSk3x5TzXtd_VofWpxWfyBuWqK1f_EdM0&cry=1&dbm_d=AKAmf-CPfnNO0wYT9W7A0OLe0V28qlxKvDYhTJYXxqpqNVO-DAPOhXRHcICyFnWyHJLcybZ8ovMTUP8O_wpMHnK1-mbx85ri8JMdmrdscnbl9Y9GLL7tyJBqhHVff9bDzENcuytClpfNPo35BeJh-gWQWgtN3lWkdR5rwcEJh3--kN0BwVHxkfv2kel9R5Ysglq2xCakX_wnqaPxOD8FolhCpwhoxGTvaUvxARrpxl2Z7Fgwa13xA5ugh967-1jMELG_aB6jtKV7NiGe7_5ufY90DjAlUBRT4GeN1vfEkmAJBogUXe5XawE9qP3W3Q7hTr5vgIQFvWkqAzc04ujtp26vpqOq2LczNg76pwHDjYmGNtu5OnvsadVWSRO75LtCtvnGy3MdgYa_QRiUeB9YylR2zENJ8goqPgN_f4hIDDDuXdz-upHTAL148A5DJBSb-8n95_LWUWLWjD5ev1vJHY_h6S6u-Imxb_6XuQum4FKGAz8nnS2pmqb4AalJc1KgvSA-8a9lVdWQLkT_1Xij-dZ7EhzCY47tezy5MWnVWTZaCZAjDqr_XOt05ubxu4rd6ubo-14B0o_OzG7kPQHKJQV1nc8wxtyb7di4Izr54-Cm4uabt01N8qSZB3ZIkzYg9syy_Tlbbeg1dzYbZ4dpFdXiGMMMZ5BI5AsWBfGrduydXwU5Wzi9aLzcKO1G6r2crRWOF3stru1ul2mH10vP-lOb3txaVz38PvbrLcdlJ6SVfgGJm6fkS_KoaqvKkxb1eupXuc53v_nUxX0KM05kir1A2VHGGz4JlwG__8g_2-vxUxSeVbqsQ7ePB9gqmOvVBEfgwu8-f2LU6ZNSVnTrfEonvdw6zm95PqfxrLUOoi-rcnRJcQp_PRn8xQWob9-1OILskCmRV6260RPAc0HZYGsaQrTqlGf03DDdbgjUKsVp3Wp36ftURslfry5oNDz6bPOZdL299m_oujr0ISAcEKewcxWWG52AqCd5WYLLN35XVcSUAPRPctn5rsHmlrl34GH3eDhAO9uVDd7pRW_GoHa0Um49KkTQAoOypNQg3CWwc0nG1iyk0wXjCuccBiuKPzxGpqH_yak1ZOhUnh6-15jupGY2ibcWSTg82bkaEiBOu45SBee-kzhT1Gf1Cr4j4E2jCyfrMhzFuneYPXNhpuEuOXVLAkN4bYrSwP3mhehhjxme3hutpvRu2sbcwDHq1FMg8yM7m16yc_atthOVesWNnYNRuOwL0vML6DmiO8xnZ5NcYCsJNw5ItaehXP3ZiVxT1DkOT_7p0SqzXfI9YCgFw1CC1kHnt1s7FD4_yRjGkzcmnCSLb3Wdt8yPjSClMA_4GxExpAvkGMGgGKCJIc6ghBs0YE1OXyqZIBjeNLU-dzvHg2YMSWs-SRBbj1aIGEuOlC20ToYJOiHlicE2ehUlvfbQUa3VPng6RFXgS4Nw6mseB51FaqM_YXfvS_8TIdxwZutZE8HSBMSo8ADd7T6LhmG9lLzWpixergIF0CHApMJFALcbkqFshuOR4cFChWvJX25kGrGmMLFXMRiCvH5FTT7JEdu-6RJNNxGBNNDzEuaqMJbR_PTJiw5SQuCcPbZGWeVFzgg28ohf08ZwaRlZcIYgCNm7fpM5Pa51kpWaFc8DXry6nz0vHF-Z2PM3CUU7bVoF_wB1uuAXU4oXjqQoQDfXvpfGsv0aX5FjY8GqSxkAOujcPppf20BU8S9DlF5EUD6GodbQrIXklD8TWGxVGKEizid0c-Xr0GTopNzuOMeWusQueqMqsylIRbTFDyaTImEBZBDf9rp8PAt5OZ-ybBVC32nT9qILWKCzxPdtniteZjmVxVQknN9CYdYTc6Vl4mmfPJQnsQQKW4hvy5siw1PNsgEDU8AyUlfcL037ZMab2DI_vTm-MblRg3psKDc2fNjLkBML8ejahnuMlfIq4r-8PAVCVW02jDne_NR9yQ8VVNJPJuWLTVAr1hMRtISbhVRtC_C0dxK31fNukaZFvhbisLLA41Pzr80kWVQyLst9ncsw-3FsrUsSx7jK7RvcEGBKgd8kOP1JWlc_1nizEMk6vGjJ9I_Q-mXIlIzbPzZFvYH__rT4rlSWww7Vas5Qz3_rsVrUEPuBKdrlTMMh8zfqBrKVkMAaSBMVDjosSgbg9_pzlKO3yWm-HhF1e5mGLc_CAGdr_WtS5iFYzcD83Afv72lE14nuoL51cYCD4wOlKbOOwblegkmh1FVKFCpf8GWmTmFtNQmiY8Vcr4adycdgXvvX5nV3uZuvOUibSoe2_Rh--dHz4FV_BObk-LyZ9bXGeNtgePmJi2dxZzgg9QRNWmLsZb90JLJ4735AxSYTcFogPt1aQBPvlJox66l75Q0KZ9NwziE-7_MjSzAC6PEKk8jGfWEH0jbyoIMCX4G2XX-WKaTD7cTcApUxBMcqAU5MAcUUv7_d8l3gBZZ1Q1CxtfLz1a-3ru_xdBOJveYyHpYn5IIH1NhR4TP5taj2JJjt40DqDwRv5U8gj8l-f-5WffNiDB0vh8pE_PpOhaErvykLbRZRCVxK8-E8x9rHQbiaXDWeJ2HUeZIsZzK4CD9wZF1UN3l0HawxnFri6plbAGpl1ykahEJqmF3rXgvQvf1YbDwRw8mi6NrRGZ1vKOVO03N4itPC7REJ_jXQ-SLnSmabWbZq1oV7CdvdceJ-uknDNE0Ay4PbtxlOstHUF7d6Bk2iDn_7P2LIGHKf5hLCDQHdXHFrgJ9pHLtjmwEQ7vhbKZ_vDUSPEOLAlINa1NWHm9LftVTtXMeHQBJltbP4LVnH5En8sviKHqBoJz2shwNzdcr1MklQsMQDmTmK9Tm33G0d0B5cThIoIPgC6zJ-1pOW5RcV5xgrEO0u8VZlsxx76P3z242pBGNkgtE0fHxdUxuuiU-rEjZzcAgDo8ABw0epX5F1F78OAPVoAscp6OdIbEm27HWO2fODDpt4O_WFdNww8GNjiPeiVcBcZKUV58H9R_H6nzpEwz_rvIMA203hgVUqNPVv6BWO952JdxS5Te6pmNkiqETRGFZn-l2b3ls2D4SENVHTBW6XiupJJRx0n1BKOEJ7NdU9lvcln2COnm4xwfCCDJBOU0cLQJlt-FWsfYtiqA_IO6yOZtI56cgZ8C9CkxciR7HUCW48HnL2szH9Cfs34d57YNKZ22ZDZ2YzwqiwVLnXMXi-ek-uoyH3ROyTkejRH6kcWS1ZtoDgIH5cqki9Rg4cgVkaJprIRLwHzlsN45U5mUaE1-wodWTn4aaW574SCSe7fNXg9yE_UybtsjCTIT4ZJNVgZLm-vJLcIaBWGpnKY8lfmdzi_wUmML4lnUMkVQLWnV89lNKM1uBGIwdlL67fSJok2da1d15nld69yIYyXGf8r2GuRuL37vkVBIUmx6qI05O_OO6HLvF4u6IsY1UxiLdhLthF_0T8yrXEnM1Pzv5MZzTF3Z9lmnygUsc0XFiY4BGQsQYd41qcVH4qg0A0gxIA-FhcTB_oV4_XrO0jIA_GUGUKUkdbT23hEI5hRg5lI8WMMvsH9uJV7R855kPTsOQ5I6vk2pgdG3xYoejuKcvBRTtkxJP4pmWBLp_fWBuQPjBnTXpbVzVzgw9TcdBo0U4mlAPpvN4u6gPPsshX35CYDCbdWhPXSfPYc8EJgqyMlrFEAkZrgSTx6yYHK53Z1gZxOM_a4vW2jXWTLqLO9zsO4mN3tzCaMUJlDWAUkffkCm-g_IcllZsrJ47yJJbsZiDswM6Ax7q8uWbRf8DWPKidlyi0ztwWtDthK-lx3l8HtUcj418Z2xzQ3CCfK_tHuQt1IQGFsKB9kFY1zpfuKnr6lCwlnwNeorv4Z5B_R_nsm6z6aPcFQNDH7Q&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=13957174342427460000&adk=2004672170&idt=211&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame A864 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKo3M0LYnPzslVHxlmWyfzEIMJhT82cWxhTICZ55QasCPLJcGjyhkBKF3S0YF12FDmLqfXA8M6QtqZ3iOSk3x5TzXtd_VofWpxWfyBuWqK1f_EdM0&cry=1&dbm_d=AKAmf-CPfnNO0wYT9W7A0OLe0V28qlxKvDYhTJYXxqpqNVO-DAPOhXRHcICyFnWyHJLcybZ8ovMTUP8O_wpMHnK1-mbx85ri8JMdmrdscnbl9Y9GLL7tyJBqhHVff9bDzENcuytClpfNPo35BeJh-gWQWgtN3lWkdR5rwcEJh3--kN0BwVHxkfv2kel9R5Ysglq2xCakX_wnqaPxOD8FolhCpwhoxGTvaUvxARrpxl2Z7Fgwa13xA5ugh967-1jMELG_aB6jtKV7NiGe7_5ufY90DjAlUBRT4GeN1vfEkmAJBogUXe5XawE9qP3W3Q7hTr5vgIQFvWkqAzc04ujtp26vpqOq2LczNg76pwHDjYmGNtu5OnvsadVWSRO75LtCtvnGy3MdgYa_QRiUeB9YylR2zENJ8goqPgN_f4hIDDDuXdz-upHTAL148A5DJBSb-8n95_LWUWLWjD5ev1vJHY_h6S6u-Imxb_6XuQum4FKGAz8nnS2pmqb4AalJc1KgvSA-8a9lVdWQLkT_1Xij-dZ7EhzCY47tezy5MWnVWTZaCZAjDqr_XOt05ubxu4rd6ubo-14B0o_OzG7kPQHKJQV1nc8wxtyb7di4Izr54-Cm4uabt01N8qSZB3ZIkzYg9syy_Tlbbeg1dzYbZ4dpFdXiGMMMZ5BI5AsWBfGrduydXwU5Wzi9aLzcKO1G6r2crRWOF3stru1ul2mH10vP-lOb3txaVz38PvbrLcdlJ6SVfgGJm6fkS_KoaqvKkxb1eupXuc53v_nUxX0KM05kir1A2VHGGz4JlwG__8g_2-vxUxSeVbqsQ7ePB9gqmOvVBEfgwu8-f2LU6ZNSVnTrfEonvdw6zm95PqfxrLUOoi-rcnRJcQp_PRn8xQWob9-1OILskCmRV6260RPAc0HZYGsaQrTqlGf03DDdbgjUKsVp3Wp36ftURslfry5oNDz6bPOZdL299m_oujr0ISAcEKewcxWWG52AqCd5WYLLN35XVcSUAPRPctn5rsHmlrl34GH3eDhAO9uVDd7pRW_GoHa0Um49KkTQAoOypNQg3CWwc0nG1iyk0wXjCuccBiuKPzxGpqH_yak1ZOhUnh6-15jupGY2ibcWSTg82bkaEiBOu45SBee-kzhT1Gf1Cr4j4E2jCyfrMhzFuneYPXNhpuEuOXVLAkN4bYrSwP3mhehhjxme3hutpvRu2sbcwDHq1FMg8yM7m16yc_atthOVesWNnYNRuOwL0vML6DmiO8xnZ5NcYCsJNw5ItaehXP3ZiVxT1DkOT_7p0SqzXfI9YCgFw1CC1kHnt1s7FD4_yRjGkzcmnCSLb3Wdt8yPjSClMA_4GxExpAvkGMGgGKCJIc6ghBs0YE1OXyqZIBjeNLU-dzvHg2YMSWs-SRBbj1aIGEuOlC20ToYJOiHlicE2ehUlvfbQUa3VPng6RFXgS4Nw6mseB51FaqM_YXfvS_8TIdxwZutZE8HSBMSo8ADd7T6LhmG9lLzWpixergIF0CHApMJFALcbkqFshuOR4cFChWvJX25kGrGmMLFXMRiCvH5FTT7JEdu-6RJNNxGBNNDzEuaqMJbR_PTJiw5SQuCcPbZGWeVFzgg28ohf08ZwaRlZcIYgCNm7fpM5Pa51kpWaFc8DXry6nz0vHF-Z2PM3CUU7bVoF_wB1uuAXU4oXjqQoQDfXvpfGsv0aX5FjY8GqSxkAOujcPppf20BU8S9DlF5EUD6GodbQrIXklD8TWGxVGKEizid0c-Xr0GTopNzuOMeWusQueqMqsylIRbTFDyaTImEBZBDf9rp8PAt5OZ-ybBVC32nT9qILWKCzxPdtniteZjmVxVQknN9CYdYTc6Vl4mmfPJQnsQQKW4hvy5siw1PNsgEDU8AyUlfcL037ZMab2DI_vTm-MblRg3psKDc2fNjLkBML8ejahnuMlfIq4r-8PAVCVW02jDne_NR9yQ8VVNJPJuWLTVAr1hMRtISbhVRtC_C0dxK31fNukaZFvhbisLLA41Pzr80kWVQyLst9ncsw-3FsrUsSx7jK7RvcEGBKgd8kOP1JWlc_1nizEMk6vGjJ9I_Q-mXIlIzbPzZFvYH__rT4rlSWww7Vas5Qz3_rsVrUEPuBKdrlTMMh8zfqBrKVkMAaSBMVDjosSgbg9_pzlKO3yWm-HhF1e5mGLc_CAGdr_WtS5iFYzcD83Afv72lE14nuoL51cYCD4wOlKbOOwblegkmh1FVKFCpf8GWmTmFtNQmiY8Vcr4adycdgXvvX5nV3uZuvOUibSoe2_Rh--dHz4FV_BObk-LyZ9bXGeNtgePmJi2dxZzgg9QRNWmLsZb90JLJ4735AxSYTcFogPt1aQBPvlJox66l75Q0KZ9NwziE-7_MjSzAC6PEKk8jGfWEH0jbyoIMCX4G2XX-WKaTD7cTcApUxBMcqAU5MAcUUv7_d8l3gBZZ1Q1CxtfLz1a-3ru_xdBOJveYyHpYn5IIH1NhR4TP5taj2JJjt40DqDwRv5U8gj8l-f-5WffNiDB0vh8pE_PpOhaErvykLbRZRCVxK8-E8x9rHQbiaXDWeJ2HUeZIsZzK4CD9wZF1UN3l0HawxnFri6plbAGpl1ykahEJqmF3rXgvQvf1YbDwRw8mi6NrRGZ1vKOVO03N4itPC7REJ_jXQ-SLnSmabWbZq1oV7CdvdceJ-uknDNE0Ay4PbtxlOstHUF7d6Bk2iDn_7P2LIGHKf5hLCDQHdXHFrgJ9pHLtjmwEQ7vhbKZ_vDUSPEOLAlINa1NWHm9LftVTtXMeHQBJltbP4LVnH5En8sviKHqBoJz2shwNzdcr1MklQsMQDmTmK9Tm33G0d0B5cThIoIPgC6zJ-1pOW5RcV5xgrEO0u8VZlsxx76P3z242pBGNkgtE0fHxdUxuuiU-rEjZzcAgDo8ABw0epX5F1F78OAPVoAscp6OdIbEm27HWO2fODDpt4O_WFdNww8GNjiPeiVcBcZKUV58H9R_H6nzpEwz_rvIMA203hgVUqNPVv6BWO952JdxS5Te6pmNkiqETRGFZn-l2b3ls2D4SENVHTBW6XiupJJRx0n1BKOEJ7NdU9lvcln2COnm4xwfCCDJBOU0cLQJlt-FWsfYtiqA_IO6yOZtI56cgZ8C9CkxciR7HUCW48HnL2szH9Cfs34d57YNKZ22ZDZ2YzwqiwVLnXMXi-ek-uoyH3ROyTkejRH6kcWS1ZtoDgIH5cqki9Rg4cgVkaJprIRLwHzlsN45U5mUaE1-wodWTn4aaW574SCSe7fNXg9yE_UybtsjCTIT4ZJNVgZLm-vJLcIaBWGpnKY8lfmdzi_wUmML4lnUMkVQLWnV89lNKM1uBGIwdlL67fSJok2da1d15nld69yIYyXGf8r2GuRuL37vkVBIUmx6qI05O_OO6HLvF4u6IsY1UxiLdhLthF_0T8yrXEnM1Pzv5MZzTF3Z9lmnygUsc0XFiY4BGQsQYd41qcVH4qg0A0gxIA-FhcTB_oV4_XrO0jIA_GUGUKUkdbT23hEI5hRg5lI8WMMvsH9uJV7R855kPTsOQ5I6vk2pgdG3xYoejuKcvBRTtkxJP4pmWBLp_fWBuQPjBnTXpbVzVzgw9TcdBo0U4mlAPpvN4u6gPPsshX35CYDCbdWhPXSfPYc8EJgqyMlrFEAkZrgSTx6yYHK53Z1gZxOM_a4vW2jXWTLqLO9zsO4mN3tzCaMUJlDWAUkffkCm-g_IcllZsrJ47yJJbsZiDswM6Ax7q8uWbRf8DWPKidlyi0ztwWtDthK-lx3l8HtUcj418Z2xzQ3CCfK_tHuQt1IQGFsKB9kFY1zpfuKnr6lCwlnwNeorv4Z5B_R_nsm6z6aPcFQNDH7Q&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=13957174342427460000&adk=2004672170&idt=211&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6E0D 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 6E0D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D91vhUm-zg1vgLW8EAO_QvUF2lsb8ws66dbyNUXC1HC8IXUQpErLcGiww1Ukuj_P-wsjwPBi3jCuXM-T1bhZCbJ8fuyNS-4AUQW00swRlU_B4TLgdeYoSmStQgTo6HJYn2j2TQ5zlp17rweKRE_XJYi3VoyEIw7_CZ5Vi1_NeaEXULS40&dbm_d=AKAmf-AlCQB6Pr87RtfEGavuGUfK4j_lnKgT4WH12fyoGrLa7QlwLkhmx-p-84pt19UtlWoP0oJHnOemPGROaWY7eTbr-oxkO9xpcTuFTn5tMO_nj23vDSI2h6nYNsJ1CgjjLjQZvBp2z-zDa79O6R-vbGwBY1lQAV_BRpvdfCLcgbvj2cpuOMx4a_P8gd89LkJTdvCvZKtwufBHQSR4ZlTImMH1_gN0qZq_Se9gv54BIAzOLl4PAER_cYDD1fTbnG3SxgTYc_68iDIUMOtzgPJAaRvTLfXfrkud43xa1xysde5DeJlOCdwTrf2o7iwwa2GNJKfBwfAQc8qL9gE6hV6R2OM7AOTKTvnVvwKsdZFnONR6D7cFpIqJjBEOvIaZOeC4_AdUtBlEhibgHIvGZjalkQAVNPu7qXwYJ_6F3Ik1-bZRoM548sfYaGmNFBxd6VXgSEwQ0hiwilS5T3lUQ71Erkh2t2YDXltKCB0xt1Ke79ivII8NoT7SslL1f5V1uk8-Lhs2-C-2YBNl9v6XyrdTxh_38mYCYpJgxR2ptj94RIjupbNQJGYE8m0QbSoo9nfGcPLtLE2Ehhd6xk6OF5YWdmSvQNaQzxK9YfUZq18FqMq3pbY5fyLWBD91kjIKNlCSUa2mjTfw78O31UQY3gwh90l59yioBe9WU8Onje-RlJFVdzlcjubrEME6wRKTCcsQIctE27EgBHincbAOF7nRSQ6Jf3U9VAoaeth93O9-CeQ2gVADRsBdV4UatHSK3lZfmAKy7kKDMHQJ-rKE8QQRNPb_tw0t40_U2xb9RRVt-AxLD78jNhuDA0RewW20jU3Dvuh8xIWyB5CIQQvwFZGgE-BjCK0b53CSmKWHYrkZ7yXz153WHDFNP_QftpJrosaUQhcGCP-ojIcibYW3aJ5hmvJm1EXAT8vBBBTZ8g1j-fzOiLlc8Pntk_T3pKqhIjK5bJxEdjSO92w4fT5hJt3OabM8lVzCj2navawLAvr8aqqs3AUXIjyYh-mwg1Bracfadze05-yHiBWGywYbiBcRDmgyURYEXZMu7frZbX-Qg2c1QQWWfX4dQw2QdbhQKhPImIjWjP0suLXG89-YTiWW0dLjPSyLmB2tc3D29sGdZAy70__M0sPN_X4DZCGjZRM6AH2MCxNAWp2HvDyDgq0RPEgYsqcblserrWbK9aQSdm785M5eNd6ZLOb1yGUci52N0JfjIhAKNdQSoyY-AUY-pUgmg2Uydnhu4TlIXXIVvKZhMK_ipoZBOC-2R49utmtdpMEs-godqvgA_JgyyfvlKvT7jwCnmQzLFfwI--C5StoK1lGIyj5PrA83QJMgOFa_VCT6jvLRHDn2RnHmXRd6nSdY2EgnHpr2l3c39aEKb6tf-UGAbCAJOrizUgMLS7KSBCVZ_WtctoVImIfH4ClDeGrjLddcwSEyDEz9IHen6oxf68UB8NkD67LSqVhgpkabEyxDyy_tXja7K67Mr8A7EwI6ijN4v4UilyS-hqv53g_4PgGukWuNeA5Nd7VBmc0uPhGMxBXvTsZML8E-eD7Ig9gO7jcqhAF-F_oqJIl9lKZUWyS4_b06HELgi9JLhmdhx81jI2V7bocLiz7YRq2o1a8ScjL3JUrJsUuXbrmwGWSK7cHVFiwCWaMMscbImEKE3pKTu3h9QakEm_vIcCqJ-YfWbpD8DYI-sVeNIbtpg65l1SIPaabn7opjTr40BG57fDz5USR_fIfUtWkHrhvgTdGmwGVLGELmTCNTgdqnkg_AbjOmbOxxCCJlolP6jhQVYcwUvFJFmP16BYGPhvAyIiNGspNSCc7NiFVO7Rm-xdOHO2IbtgxOvdxNh6e8tRFs6RwAWjzihw_u6XSh-9i52qubn-T7Te0qz1kRHGgMJm_MVLA7KpeJOcdGQOhV7OHtpzp9CQ_GAlZOwfzcZP-fRufIcbuTdzuBSN8Gwi7upOJNRyJiU2WTItAvsoW4cNWZzzIyd7FRiZZ4DchAwyU3txIXNd7bZMd7ryKxlnQpkWrAo42a-vzfc-NEvj2df4WnRcWF0RMhb6wUs0uCpSf5lS4lH-b_-BUtAXYeWAKDQtDh2BOhBp_AtW-e1y6hsjeYJwBYHQwbUFdi5JYOPWypgJ6cSRbGPpUfPpI0Z2W7W4Ht9um4zg3HJZ8cqxkqAjA-l5ISXshDDI_BAyBMDiSQN-j7TbIV9Y36kGKivTSUAhQY86mHK3DrFrP-UaAhofR4_F9xA4wgVGhOho0vrQmtObtNOaRIKWz4iKS71cnWwk_jfcV2xUSjAZ_VK4CjuxajlkkrAhgcgsY9Nu55KoM2PuxBwR8GT9678Ip7ITv7caTPhFOqNTtBtPbImQNKfHAv0kj5VABd9NtFup0TqngUXZmzLxmcCu8UHKAm8kU64jd8Xr_Tui3neUIRyEkTNtuUynlA5ZwX1vj8I1vFIqobhQfa2v7K2jWaecDWggANsDPR3RdH2RJebrMZeP34jMAxsRWQdpt0zSlj0Wr33n5HsOmXR6IeqHIS8yMw4V8NYYk6hXGfu691ps5y_LzlsT5SZNSZFDHl5J7rGTMh91Pe9OJb5TVFxzXw5M_HCvWZwqQ1ZFT7skebCxzwYuSgtGodeGKejzYYSfeUZH-9Bb85hRMOSjYSWV-UeYP8EpJaXZ8y7qY2-5AiAs4FwFFgFp2GLiHq1470zrcB4GqIswvIX7n-v68C8uewbvDSJdLRvtmUKMzJyRla5eDuCnxVVs6wmNvxbvfpNuVI16n--pipwJ510TwEZAN-NVdLem0GHOqWgtYonRwQ33IGi92uIIpca8NIBNhTkts_35EQVCFvwD9omy_vqEDa5knPhhPK5G8ZcDYcf7HV1lClEpcNJu8DSBXnN9SArR4Zer_HS6BYG9EEemYzSFkMWW9l3Rjwx9K91ZpwyrvxZGYQO_IwX2MDeQNYLqqiKO0mcV8MgqtVDxLhFli5afPJ02QO9xu29rjszg9sN4JmAauHSvn9aybjzaJFeVdthND84-qhX-ju6O3ea59YZf8ZBAWj7vWsEvjHESJzeyODJlTLE64u5hG_pqIdgsIKAS3CaWsU1aJpAsPh35i9J5HGSVhqJNs88cTLI7_omGtEZQ8zR2ntH9_5m16Nupw0HjG9Qr2ECVa70hotmvP2_AXeniJ1LlaFJvydZYw67znT6j324DEzL9ezbff1vMuCKfawVPMxanOtaWF_g4ouJ2i9g9Sq64fpr3mjzdA27RmEOUCw4R5fFyq51gF8o_8s8OwgVZDOy0mQ7PU-I_xWPV2unWaQ4Q_sj-uy0eD2P4zQJYEJEEAYxamp8TqIO8SQYpfD3-kvbcmUxo-7bQHGllZnj0aHWYDSUi_KDUOUFFwzWCyIUBInKVXCZClYqgdZ7bA5lULqRE_E8lkjuvkkVsQHnseOFdvSqW50TqCctihC2Anl_QW3q4DE94coXvWvMQf8XieH8JM8Wzu04haWarRqVSPeeOzFcUvlfrFnEqo-Jr0FbBfrkRdXEpccSxlOsO85bY3lVWx04b3Jd0NbEU3YHTqd9H3QeILb3a26A4wFnXtLzJNvu5MC4glEFE9BXi40g78ggMHTgIufgYmW5OjeGgU7c3wkZETCj4f2t0-EAoufBLyn3IQnD5iZLvA-&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=9861339183145736000&adk=4188270525&idt=230&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 6E0D 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D91vhUm-zg1vgLW8EAO_QvUF2lsb8ws66dbyNUXC1HC8IXUQpErLcGiww1Ukuj_P-wsjwPBi3jCuXM-T1bhZCbJ8fuyNS-4AUQW00swRlU_B4TLgdeYoSmStQgTo6HJYn2j2TQ5zlp17rweKRE_XJYi3VoyEIw7_CZ5Vi1_NeaEXULS40&dbm_d=AKAmf-AlCQB6Pr87RtfEGavuGUfK4j_lnKgT4WH12fyoGrLa7QlwLkhmx-p-84pt19UtlWoP0oJHnOemPGROaWY7eTbr-oxkO9xpcTuFTn5tMO_nj23vDSI2h6nYNsJ1CgjjLjQZvBp2z-zDa79O6R-vbGwBY1lQAV_BRpvdfCLcgbvj2cpuOMx4a_P8gd89LkJTdvCvZKtwufBHQSR4ZlTImMH1_gN0qZq_Se9gv54BIAzOLl4PAER_cYDD1fTbnG3SxgTYc_68iDIUMOtzgPJAaRvTLfXfrkud43xa1xysde5DeJlOCdwTrf2o7iwwa2GNJKfBwfAQc8qL9gE6hV6R2OM7AOTKTvnVvwKsdZFnONR6D7cFpIqJjBEOvIaZOeC4_AdUtBlEhibgHIvGZjalkQAVNPu7qXwYJ_6F3Ik1-bZRoM548sfYaGmNFBxd6VXgSEwQ0hiwilS5T3lUQ71Erkh2t2YDXltKCB0xt1Ke79ivII8NoT7SslL1f5V1uk8-Lhs2-C-2YBNl9v6XyrdTxh_38mYCYpJgxR2ptj94RIjupbNQJGYE8m0QbSoo9nfGcPLtLE2Ehhd6xk6OF5YWdmSvQNaQzxK9YfUZq18FqMq3pbY5fyLWBD91kjIKNlCSUa2mjTfw78O31UQY3gwh90l59yioBe9WU8Onje-RlJFVdzlcjubrEME6wRKTCcsQIctE27EgBHincbAOF7nRSQ6Jf3U9VAoaeth93O9-CeQ2gVADRsBdV4UatHSK3lZfmAKy7kKDMHQJ-rKE8QQRNPb_tw0t40_U2xb9RRVt-AxLD78jNhuDA0RewW20jU3Dvuh8xIWyB5CIQQvwFZGgE-BjCK0b53CSmKWHYrkZ7yXz153WHDFNP_QftpJrosaUQhcGCP-ojIcibYW3aJ5hmvJm1EXAT8vBBBTZ8g1j-fzOiLlc8Pntk_T3pKqhIjK5bJxEdjSO92w4fT5hJt3OabM8lVzCj2navawLAvr8aqqs3AUXIjyYh-mwg1Bracfadze05-yHiBWGywYbiBcRDmgyURYEXZMu7frZbX-Qg2c1QQWWfX4dQw2QdbhQKhPImIjWjP0suLXG89-YTiWW0dLjPSyLmB2tc3D29sGdZAy70__M0sPN_X4DZCGjZRM6AH2MCxNAWp2HvDyDgq0RPEgYsqcblserrWbK9aQSdm785M5eNd6ZLOb1yGUci52N0JfjIhAKNdQSoyY-AUY-pUgmg2Uydnhu4TlIXXIVvKZhMK_ipoZBOC-2R49utmtdpMEs-godqvgA_JgyyfvlKvT7jwCnmQzLFfwI--C5StoK1lGIyj5PrA83QJMgOFa_VCT6jvLRHDn2RnHmXRd6nSdY2EgnHpr2l3c39aEKb6tf-UGAbCAJOrizUgMLS7KSBCVZ_WtctoVImIfH4ClDeGrjLddcwSEyDEz9IHen6oxf68UB8NkD67LSqVhgpkabEyxDyy_tXja7K67Mr8A7EwI6ijN4v4UilyS-hqv53g_4PgGukWuNeA5Nd7VBmc0uPhGMxBXvTsZML8E-eD7Ig9gO7jcqhAF-F_oqJIl9lKZUWyS4_b06HELgi9JLhmdhx81jI2V7bocLiz7YRq2o1a8ScjL3JUrJsUuXbrmwGWSK7cHVFiwCWaMMscbImEKE3pKTu3h9QakEm_vIcCqJ-YfWbpD8DYI-sVeNIbtpg65l1SIPaabn7opjTr40BG57fDz5USR_fIfUtWkHrhvgTdGmwGVLGELmTCNTgdqnkg_AbjOmbOxxCCJlolP6jhQVYcwUvFJFmP16BYGPhvAyIiNGspNSCc7NiFVO7Rm-xdOHO2IbtgxOvdxNh6e8tRFs6RwAWjzihw_u6XSh-9i52qubn-T7Te0qz1kRHGgMJm_MVLA7KpeJOcdGQOhV7OHtpzp9CQ_GAlZOwfzcZP-fRufIcbuTdzuBSN8Gwi7upOJNRyJiU2WTItAvsoW4cNWZzzIyd7FRiZZ4DchAwyU3txIXNd7bZMd7ryKxlnQpkWrAo42a-vzfc-NEvj2df4WnRcWF0RMhb6wUs0uCpSf5lS4lH-b_-BUtAXYeWAKDQtDh2BOhBp_AtW-e1y6hsjeYJwBYHQwbUFdi5JYOPWypgJ6cSRbGPpUfPpI0Z2W7W4Ht9um4zg3HJZ8cqxkqAjA-l5ISXshDDI_BAyBMDiSQN-j7TbIV9Y36kGKivTSUAhQY86mHK3DrFrP-UaAhofR4_F9xA4wgVGhOho0vrQmtObtNOaRIKWz4iKS71cnWwk_jfcV2xUSjAZ_VK4CjuxajlkkrAhgcgsY9Nu55KoM2PuxBwR8GT9678Ip7ITv7caTPhFOqNTtBtPbImQNKfHAv0kj5VABd9NtFup0TqngUXZmzLxmcCu8UHKAm8kU64jd8Xr_Tui3neUIRyEkTNtuUynlA5ZwX1vj8I1vFIqobhQfa2v7K2jWaecDWggANsDPR3RdH2RJebrMZeP34jMAxsRWQdpt0zSlj0Wr33n5HsOmXR6IeqHIS8yMw4V8NYYk6hXGfu691ps5y_LzlsT5SZNSZFDHl5J7rGTMh91Pe9OJb5TVFxzXw5M_HCvWZwqQ1ZFT7skebCxzwYuSgtGodeGKejzYYSfeUZH-9Bb85hRMOSjYSWV-UeYP8EpJaXZ8y7qY2-5AiAs4FwFFgFp2GLiHq1470zrcB4GqIswvIX7n-v68C8uewbvDSJdLRvtmUKMzJyRla5eDuCnxVVs6wmNvxbvfpNuVI16n--pipwJ510TwEZAN-NVdLem0GHOqWgtYonRwQ33IGi92uIIpca8NIBNhTkts_35EQVCFvwD9omy_vqEDa5knPhhPK5G8ZcDYcf7HV1lClEpcNJu8DSBXnN9SArR4Zer_HS6BYG9EEemYzSFkMWW9l3Rjwx9K91ZpwyrvxZGYQO_IwX2MDeQNYLqqiKO0mcV8MgqtVDxLhFli5afPJ02QO9xu29rjszg9sN4JmAauHSvn9aybjzaJFeVdthND84-qhX-ju6O3ea59YZf8ZBAWj7vWsEvjHESJzeyODJlTLE64u5hG_pqIdgsIKAS3CaWsU1aJpAsPh35i9J5HGSVhqJNs88cTLI7_omGtEZQ8zR2ntH9_5m16Nupw0HjG9Qr2ECVa70hotmvP2_AXeniJ1LlaFJvydZYw67znT6j324DEzL9ezbff1vMuCKfawVPMxanOtaWF_g4ouJ2i9g9Sq64fpr3mjzdA27RmEOUCw4R5fFyq51gF8o_8s8OwgVZDOy0mQ7PU-I_xWPV2unWaQ4Q_sj-uy0eD2P4zQJYEJEEAYxamp8TqIO8SQYpfD3-kvbcmUxo-7bQHGllZnj0aHWYDSUi_KDUOUFFwzWCyIUBInKVXCZClYqgdZ7bA5lULqRE_E8lkjuvkkVsQHnseOFdvSqW50TqCctihC2Anl_QW3q4DE94coXvWvMQf8XieH8JM8Wzu04haWarRqVSPeeOzFcUvlfrFnEqo-Jr0FbBfrkRdXEpccSxlOsO85bY3lVWx04b3Jd0NbEU3YHTqd9H3QeILb3a26A4wFnXtLzJNvu5MC4glEFE9BXi40g78ggMHTgIufgYmW5OjeGgU7c3wkZETCj4f2t0-EAoufBLyn3IQnD5iZLvA-&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=9861339183145736000&adk=4188270525&idt=230&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3D01 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 3D01 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLLy2umNii6slGTg0X7x3IKoIjYEn8uKBkA4iLrH-Le9Wj0bOILapt-KH4wcP1J5OpGUnUdI3NHZB3KIIz20AD50Nk-s81y5Tnx8H9vQ1eMh7Y2507gG3LSoG_RY33HYYQinp29lBLm_arJV9VbsfVItqmq3o1J5csITSYE-Sn6OigHY0&dbm_d=AKAmf-CplSIn4PeD2t4yAM2OQFwdX3ih9fNVddV4s_E-Zmvjbky8THRpH4cvu5oZAih1IPy1VL_KzV7lCx2ePlHmsBofAPgs6CLywmUDwggTLSYM_xshOQlQEJV9lPakgqd58EVUn8JGi_jUBB-xHpBp41bPt-SyZP41U-3fQoE8v8KNDK7F71bkS-pKNsDwYNBoa7PhtsEqnlNbsP4BEsOZrM6qslpxUxOtN5Df_eYKMncW-3VuHO821eGFKNNE0NY7Y_02y13-uOc7BdOeVWw4A-Yzay81VFsxRPaAIzdl_M4zRJ2AihOtiiB2yho0tI8w2iI2ZX_PFDPASe8b10BxdIakHc_dm4a-tcFjaVl7PIwJgSUuFYRFhxWe2_T41joyDYRxuennUMscqjwEDtrpmRpqXJaho3jtaSTc7R4j8svNwVpUw74cfYDZwtonuWYVdI8ii0GdtasSeXNtZbX9qejDX29e7X6PVnV0Szmk5tthr5xG17vZDWKp_L7vH4nzRVib_AxlNaLZRRYxr48XGn1n0q2RZJakwUNgRzszqd6-dVzTp7mOBOsWY2fQ2gETU13v-7q0Yg9_6Pd6jE6E1anEMVm7ygh_NVXOTV3VpY_ilAbt1ifw2RivUQPuHAnkh_-aquBOdZIVNtmgKOgz8RzqgZYYe2wsmpgwAleXLY8L-QgFIoMQaScw72I6l0hcx4fovydAJFzUopFRDz7gkzQOvg3-LjX38G664A1qJ3qRsQc_NDabEZ2QEGK8XUZIRiUeKvQUAhcB1v3gH-v1l9hafW2fE0dO2IHLGX1hB-diIly9hkLNP9TKFiIeafwRFoXgF89HYI9XfOPSCDcGdCLltPb3YsuQsewFM8czwPzwi5KDlCjFWqhwUPbRZoeJW-AML1NGJY5-xpYEypoxrohHsy3BHjY1QLT0khjB3E3xWjJtzeuwgFrVv--09hlgzdrYIe9pRmMn1hXQ0Mf_NjtIThz7F4Ozd5v3o-oY3BZawraC1hF5fVqXpnvINsH5SEIiQLW7Vpli0E0tCvNLKi7Q-zIVKvlapNv0BqSzNw276PFEsORpLCo1DYW8jJiXUsqqokCBiQ8GhEOz3gwMMomSD6XuLe3gZp71VlxxeYCs_1W2HcE5bJlNK5NN9Gl6JRpXffbINgIz2QlBWEYvKin_KUT64pz_57tudmawl7JrUZJTcaeuarzvtwqW8HngwTKWeN713Hogibcw6Hu0oBizXEAFdvSmkLMumesW_IKe5M0mtLlls8wOQhj0dFzK1FGNDpLOc2P2LXS0jZOUEWHqI6Hf48Xan47a1aZwjCRBC5V4K5UhaPsSq6oi3U1GC9UvGnSfHr6U05Kj_pKZ3BIKc1wBfem5D4lcTlXCvqKmotbsfa0ds_j9JGc6cf6KSlBzaLHGk_VKvrVCrnXaarJz2uQpmIMj8dWuAfnLMmNmUvEQufcrHxrOhGx8Zr-dEM1fk3tjwE7fJqrEBqJJM9svirmT_zwprUFjP1kGHt021XHifghEAiKzdGbUXtEqfBDLR1Nox2Z3SfDDr4jaZoXHd1F9n3U-7SxwTWxOnc61-kkmrxUzCppEa2kldSYALy6H50PxiUYa2UQsF7erUJUiY1HSBSFfqWzmElBvLtaeqbFLnbA2h4T_cejPevINwISWtpysXnlrjGkTHX2bcklpJqt9epO2dajB2vmpcTCZEGtNj1A4uOGvMli2hnixGUJe0GnSd8lmGUI_6uFp34f-4SKuVTZcq2f5FafZZA4Nfza6Ss8MPSexcMWwMW5mG7RutLUOcqcoM3T0U8i9Gz5g3GY4NQ1v4RYdQXofwf8vMKPaMnIY45j9aybZxO3PH7xXp4vMjZ4UCc5ZKL-7RNFW1QtiiunqEM1V8s-Yf8RilAVcqpdCE44DwsjaATtgbYrf0NxoHP5iFFXn4kVesckg0ik_M24T3eJ0WEu68hrbJLgRmQK-xqGg6Iyy3DnKRGzWo1nHxiZNCIBMVzfgC2DLh2h_DMlC0NGEr1cjjnfNlG7e1pG93QRuLamLRYlEMpqNu-mFkzztOeMj6Ll7buU7r5DuCouSZHNGJnwudu9ItMBWGmri5TwIAgLAys67AlJZizGaaXXv-3KZ1yCx3B-Q6cOd94PBMsXAmpKXaOhhJVHHQMgY-Vb1Fyv2PB2BXWoxQJwTmHnSW_mz9k4VNLJKmfgBqitO2rkyDtXN3yVpusxiXmWxMmGpp2DwvcNpQQg4_VoRJ-SMXB-z8PZcMt-DWmXwqtM5rFvcxxdIDwJH4b4lVipmxp2GWVum7dTYn4Mo0ZcM8WcInQaotB8cVhYacZae33JWM1OWooIvvicgzYLuhiHsDFbGyMH2iQH9BeNUS1wDg6O0tSdlWPklgD0Im-ZB3C9aCOtsFwyqFu6xSnxeLwLmZ2XQW1p6Kg4GO5w4RzCjYaRssUXkTIq-EzmS9iUUbiKf4cGdyuKHlmfBJsB_8WJOqj80AkOK4EEJ2TuthwhfNe478dJJn5e41Bglalq0VGIeJEv34VYdKXxWxgqmQR91_y9-Eny16zWkCYNMVKuqEsLoGRAZ4k1Zr8gSD8nB52_gIIp1L4SCpmtiwEVTu5yTVRRRpjYlI7IIDmvMhEQUVXc2_IShBB_kQ2cREZyz2GPIlCPolMZoVuCRmFhsJz8zDGP9IzxfGC4QRGuGPahIWJZuzH9SDekXwhYlJ-9QmfXCOUncx60HMb-cVbtf5m3g2w0jETqCexNR02iHR_hMgcBLDG2x3rUB9gdRHZDaeY0CDUuNpYgEHdbfq1L_n2gpoQg8WkDSH3I9vdOFIZNcSbP_G8LxNzFbJUWYbAZFZT8JFnJTQFB9IZAS--C4zjjAFgjGODfsJYmRg5w-xS7dffLGBWLrQ132whI0DeMDGmQR5JccrKpTHzh8AneU74ZREK-hlQtlKo98004P5sjn3ybkSxRFTvMsGb0jFCOL78mVFmvbEQ7o2odDygRT-MTryFH-aWprUwnRwJDibPsq8sSxr5YWnZp9XkvuceXkmGCFzj9R73DVkoAOKNyusOL27fyLyV7zkbD8OoQUVkWZ3kqrGYPu8DuL93kpryRIx-wGEpwHcUgAuAog2seVoWSKIWZoX53hTJ2P92lIMjomt4srLrGlYgUDjBUjctVeQFhuEygo8fhwVJjGZonrY-JnQhFA9grvVRqMLYnvkxTQi5A8gLd2m8F_fPouPfwIxIb7ihm1fN9Cz8wyclyrHDLPy2Z-EJ7ddvyL9FFjYbdRosHTf6PJbZF82yv0GRnwvuuQQy7oIaqsPBzx9vnzXH8k1AAsToiG-JxhGQA2yP4oqcFPbnm2sF8A0hhq9mtz3zuhBHW_jtMe3t05zlSVtvmWbsm8CblWHqHKYKUmPqOj4mvxnS_o7jaAtEJbP7fZSR5EzVZQ8Opw_bQ16ZgNjw4oMH5vODdbAr_Qamshjc1muJtfCf-Lg09t73Vp1JSgj4ow3Q8d6BJLvroOkcJ_fZmLMHLMuFZf3C4ZaV1YTRbAr90AnD_VTACPihm5KukSbJRku1nAoYVv-nwiv03GqG83M8do0Sk76lCq7-MJT9Vp35CpuPhxza3XuGniUVoLBLGuJ2DUqvcyFflO76vOD-5VMpsY9nckogln66b8LhMH&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4731035321920342000&adk=3037181500&idt=231&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 3D01 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLLy2umNii6slGTg0X7x3IKoIjYEn8uKBkA4iLrH-Le9Wj0bOILapt-KH4wcP1J5OpGUnUdI3NHZB3KIIz20AD50Nk-s81y5Tnx8H9vQ1eMh7Y2507gG3LSoG_RY33HYYQinp29lBLm_arJV9VbsfVItqmq3o1J5csITSYE-Sn6OigHY0&dbm_d=AKAmf-CplSIn4PeD2t4yAM2OQFwdX3ih9fNVddV4s_E-Zmvjbky8THRpH4cvu5oZAih1IPy1VL_KzV7lCx2ePlHmsBofAPgs6CLywmUDwggTLSYM_xshOQlQEJV9lPakgqd58EVUn8JGi_jUBB-xHpBp41bPt-SyZP41U-3fQoE8v8KNDK7F71bkS-pKNsDwYNBoa7PhtsEqnlNbsP4BEsOZrM6qslpxUxOtN5Df_eYKMncW-3VuHO821eGFKNNE0NY7Y_02y13-uOc7BdOeVWw4A-Yzay81VFsxRPaAIzdl_M4zRJ2AihOtiiB2yho0tI8w2iI2ZX_PFDPASe8b10BxdIakHc_dm4a-tcFjaVl7PIwJgSUuFYRFhxWe2_T41joyDYRxuennUMscqjwEDtrpmRpqXJaho3jtaSTc7R4j8svNwVpUw74cfYDZwtonuWYVdI8ii0GdtasSeXNtZbX9qejDX29e7X6PVnV0Szmk5tthr5xG17vZDWKp_L7vH4nzRVib_AxlNaLZRRYxr48XGn1n0q2RZJakwUNgRzszqd6-dVzTp7mOBOsWY2fQ2gETU13v-7q0Yg9_6Pd6jE6E1anEMVm7ygh_NVXOTV3VpY_ilAbt1ifw2RivUQPuHAnkh_-aquBOdZIVNtmgKOgz8RzqgZYYe2wsmpgwAleXLY8L-QgFIoMQaScw72I6l0hcx4fovydAJFzUopFRDz7gkzQOvg3-LjX38G664A1qJ3qRsQc_NDabEZ2QEGK8XUZIRiUeKvQUAhcB1v3gH-v1l9hafW2fE0dO2IHLGX1hB-diIly9hkLNP9TKFiIeafwRFoXgF89HYI9XfOPSCDcGdCLltPb3YsuQsewFM8czwPzwi5KDlCjFWqhwUPbRZoeJW-AML1NGJY5-xpYEypoxrohHsy3BHjY1QLT0khjB3E3xWjJtzeuwgFrVv--09hlgzdrYIe9pRmMn1hXQ0Mf_NjtIThz7F4Ozd5v3o-oY3BZawraC1hF5fVqXpnvINsH5SEIiQLW7Vpli0E0tCvNLKi7Q-zIVKvlapNv0BqSzNw276PFEsORpLCo1DYW8jJiXUsqqokCBiQ8GhEOz3gwMMomSD6XuLe3gZp71VlxxeYCs_1W2HcE5bJlNK5NN9Gl6JRpXffbINgIz2QlBWEYvKin_KUT64pz_57tudmawl7JrUZJTcaeuarzvtwqW8HngwTKWeN713Hogibcw6Hu0oBizXEAFdvSmkLMumesW_IKe5M0mtLlls8wOQhj0dFzK1FGNDpLOc2P2LXS0jZOUEWHqI6Hf48Xan47a1aZwjCRBC5V4K5UhaPsSq6oi3U1GC9UvGnSfHr6U05Kj_pKZ3BIKc1wBfem5D4lcTlXCvqKmotbsfa0ds_j9JGc6cf6KSlBzaLHGk_VKvrVCrnXaarJz2uQpmIMj8dWuAfnLMmNmUvEQufcrHxrOhGx8Zr-dEM1fk3tjwE7fJqrEBqJJM9svirmT_zwprUFjP1kGHt021XHifghEAiKzdGbUXtEqfBDLR1Nox2Z3SfDDr4jaZoXHd1F9n3U-7SxwTWxOnc61-kkmrxUzCppEa2kldSYALy6H50PxiUYa2UQsF7erUJUiY1HSBSFfqWzmElBvLtaeqbFLnbA2h4T_cejPevINwISWtpysXnlrjGkTHX2bcklpJqt9epO2dajB2vmpcTCZEGtNj1A4uOGvMli2hnixGUJe0GnSd8lmGUI_6uFp34f-4SKuVTZcq2f5FafZZA4Nfza6Ss8MPSexcMWwMW5mG7RutLUOcqcoM3T0U8i9Gz5g3GY4NQ1v4RYdQXofwf8vMKPaMnIY45j9aybZxO3PH7xXp4vMjZ4UCc5ZKL-7RNFW1QtiiunqEM1V8s-Yf8RilAVcqpdCE44DwsjaATtgbYrf0NxoHP5iFFXn4kVesckg0ik_M24T3eJ0WEu68hrbJLgRmQK-xqGg6Iyy3DnKRGzWo1nHxiZNCIBMVzfgC2DLh2h_DMlC0NGEr1cjjnfNlG7e1pG93QRuLamLRYlEMpqNu-mFkzztOeMj6Ll7buU7r5DuCouSZHNGJnwudu9ItMBWGmri5TwIAgLAys67AlJZizGaaXXv-3KZ1yCx3B-Q6cOd94PBMsXAmpKXaOhhJVHHQMgY-Vb1Fyv2PB2BXWoxQJwTmHnSW_mz9k4VNLJKmfgBqitO2rkyDtXN3yVpusxiXmWxMmGpp2DwvcNpQQg4_VoRJ-SMXB-z8PZcMt-DWmXwqtM5rFvcxxdIDwJH4b4lVipmxp2GWVum7dTYn4Mo0ZcM8WcInQaotB8cVhYacZae33JWM1OWooIvvicgzYLuhiHsDFbGyMH2iQH9BeNUS1wDg6O0tSdlWPklgD0Im-ZB3C9aCOtsFwyqFu6xSnxeLwLmZ2XQW1p6Kg4GO5w4RzCjYaRssUXkTIq-EzmS9iUUbiKf4cGdyuKHlmfBJsB_8WJOqj80AkOK4EEJ2TuthwhfNe478dJJn5e41Bglalq0VGIeJEv34VYdKXxWxgqmQR91_y9-Eny16zWkCYNMVKuqEsLoGRAZ4k1Zr8gSD8nB52_gIIp1L4SCpmtiwEVTu5yTVRRRpjYlI7IIDmvMhEQUVXc2_IShBB_kQ2cREZyz2GPIlCPolMZoVuCRmFhsJz8zDGP9IzxfGC4QRGuGPahIWJZuzH9SDekXwhYlJ-9QmfXCOUncx60HMb-cVbtf5m3g2w0jETqCexNR02iHR_hMgcBLDG2x3rUB9gdRHZDaeY0CDUuNpYgEHdbfq1L_n2gpoQg8WkDSH3I9vdOFIZNcSbP_G8LxNzFbJUWYbAZFZT8JFnJTQFB9IZAS--C4zjjAFgjGODfsJYmRg5w-xS7dffLGBWLrQ132whI0DeMDGmQR5JccrKpTHzh8AneU74ZREK-hlQtlKo98004P5sjn3ybkSxRFTvMsGb0jFCOL78mVFmvbEQ7o2odDygRT-MTryFH-aWprUwnRwJDibPsq8sSxr5YWnZp9XkvuceXkmGCFzj9R73DVkoAOKNyusOL27fyLyV7zkbD8OoQUVkWZ3kqrGYPu8DuL93kpryRIx-wGEpwHcUgAuAog2seVoWSKIWZoX53hTJ2P92lIMjomt4srLrGlYgUDjBUjctVeQFhuEygo8fhwVJjGZonrY-JnQhFA9grvVRqMLYnvkxTQi5A8gLd2m8F_fPouPfwIxIb7ihm1fN9Cz8wyclyrHDLPy2Z-EJ7ddvyL9FFjYbdRosHTf6PJbZF82yv0GRnwvuuQQy7oIaqsPBzx9vnzXH8k1AAsToiG-JxhGQA2yP4oqcFPbnm2sF8A0hhq9mtz3zuhBHW_jtMe3t05zlSVtvmWbsm8CblWHqHKYKUmPqOj4mvxnS_o7jaAtEJbP7fZSR5EzVZQ8Opw_bQ16ZgNjw4oMH5vODdbAr_Qamshjc1muJtfCf-Lg09t73Vp1JSgj4ow3Q8d6BJLvroOkcJ_fZmLMHLMuFZf3C4ZaV1YTRbAr90AnD_VTACPihm5KukSbJRku1nAoYVv-nwiv03GqG83M8do0Sk76lCq7-MJT9Vp35CpuPhxza3XuGniUVoLBLGuJ2DUqvcyFflO76vOD-5VMpsY9nckogln66b8LhMH&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=4731035321920342000&adk=3037181500&idt=231&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame CC52 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSRG52Vu1neFKYuyKEH1QALrbkwxx2LvuoT7AtuWyayOOTSKapNWU5z_NnqfuW6S-uitTLltwiOxlOhIieBvRtsJz48gvyHg3DNtzU-nDJy4T8_fT15SzP8zf7PQZ0U8n7hAf_tTMz71nEybPBCLcevDGgGW62rURsP12Ief_xt-WvrNc&cry=1&dbm_d=AKAmf-DULY0xK6dM7sI3scnC0ctf-JXTgIoJixjRAQFsoDBELtqwb9xaO3Waffe79_eqWAvtVQ6botHL-Tp71OFBjoJKzsjJdRmLNfSR_UuLGjWJXOPMoRoxlNeBxK_objTa-kW3SlKXIRyL0CDNy4g-8mQSnd5rjB2rB2ymK6itr3neyJBsBwwjwI1juFwzEtokPQM8ngWzIQC4J4JPTSTb7eFU1K3G-qEOsVrxD8pqCe6a8-_UuyWwC9_abKumCn3uq5YIK8slMYxuq4e4FDET97NH3TW_8job5tCzqu0EQq8yo-THOj4PTevFKwu8R9NKfrrKv9UK-x1Ic4trOXjLuA5xCexF5yXiNrDnVx8DJEuA0ZAFdWqaptkahS-MqVM9TrpP3YBxxW4ROSSTRDkf23S-I7dYIMPYo-F8RWtOz4YlwJBcrXxY93PRbVA7-QoyTBlW1TaRCCTb4l0d3DnqTlKo1iVgnBcA1dv3D96yoRdYRpnSi-J5r0wHHjQsgimh-DUhkWel_xzWgQMlv3pgAwCJUt3q_PvcpN_R56ZMVyUlXsVWMl-ULK7rxY0EDOambV0GN3xDcsT3CODquyIjyZEzfVL8l_As0_kpsNrc67Pzu_oeOdCtAQvAsCieo6VAYLkW2y_hlECtIi_8Z-1O5NuFvuZcUrOK6vPA0VXD_ktLxvSmzMK-1lUeeQL33-YWGNL02YhAB0u_RLKtC1G-1qQXUru-29DBvRzwseKW4WZhdhf8XDLAbNCzMmOihJynQQ7zccw3layfOBWXkIs__gSN1OP8L97zUypSWkxAhnIUrwjXbq2a80uAcxFTB_O48Ssn5qQlnnpssDXxSk54mfJULfx15NvGEhEhX1DneIIThMIjitwFXMgpFHIq1Jpd9iNeXxMohnMp6jZm_CuL6INCR8j7Hw8TfPgcD9-Tyqmr6MX3zmcf3b4OXzQqZbmAHxDW3ViLqM9ZwyC2_20wwVu0NNGNYwFcq3t3ilGnibZNg7x6niL0gBq9OTJcd1lHjA6uqbywx6c8xPeVxAu2s2PmXG9ItDhr0g3HdNXgD6R4_X_OmWLfw-789CBJ9a8sFANJlVkkYDEff0ZE5gp5-sxXnMIW1-6oDvOU-3RaTIWR20upI-GEoZVl3cuJ_XVTxs1yZ79T1CP0H1eFga3p2egrW_AYuhuruE5gwzzCFMDxH__5-h2XHQ4LKA7bzC8DDx4vWBGsPTgaBhVg3L_yWSIVFMkUY9FuwsMdobHf1r_8mZKYPK3dPVjyj8HNvdWh8g5_RUILMzR4ry-R8dhbRvx_FLcU4TxseZeqYDtgKh_Y0Vka7i-sfo_6UH3O818OPoGvapnRx27wliuJePixTvBBNQ5wabFZZ6sFU0mEHN2oHQ2B9auXZEyWm0KLLP230aVPnBnCKFhcKB6HUi8hVAHfdCwlYXtns5AKuEk_y5duOE0g-O9LtcXeeVdXqbUpd5kJ3HRhoUj1Ck_tV-4n_AzzzeaHL0vkCl5JFhAIxJJuMo9DDHt0idKf9kuUbGFSd2RDfRttRSSPPJEJ19042C04_rfNme5gzHcJ5_t1MsackxRB3mpf9nUWDXyJDt_niTv1dACyxmL1cUVwL0HTZcZxNfBtR9WOfu1ebkP5RMLmTVtdid-KO6GQ0v9OyGmnQfQ0BLzvpCzWYtX-tF93yn6fhEEPXav7SZDGfviAtydcbL7zR6urSSBGRyZwOAx8cldC3Ux6WRk6M_rRpNq8Bb1eTnG-WgWMSRe9u9KbLrAeJTN-yG7QpTClCXmosHgy1MxH9ohox0EE0DeW1bJU8wz3oIRfaDev06Tc7qLCJ8YFLQXRpabZC9xRqfdrajC-8nReoqy3-PZnkaylJzgxtyLBcRW-H777oqKly4GRcAwRlb9M5Rnq-n2rHiYoXPMAM1JVSxmLPMU0v93GfCOf3G2NyKAc8Wq7fTkXK-5QnA-23yGrFn5AIioEUnRh4Qg0u81YYaLiB6OaVaA-hIcophv_MiNZynkVJB20mNiscXeNiBFopSM-uPqk82sZZpmCp1scBGybT24rTvOHmUpZ0u9nS3zDf4Vsnq5hWXvGAl40rOIHGOJ-hSL-gIq4neyN1SrxvQmNmP_hi6VtLiMbfqLNaeYsCdtIOrjMtenk0PIfgi-AYZFsRZllMSaLx5G8XEnRD8j9voQd_46XGVQup3LflVTParPUzHWcja78ywTYIWFN1sM124AqJ7MLcjOHoCMJBMGHdZr9GjqePI0mNDDtFE_Q0SCC8y6-1Vwna2EW9qrxpALSu3rtWkWWVii12WTvn1uNqIzMRpULv7pDYWUVRkrouaMmQ3mmM0NVUXVM2QL6Jyt7tf9MO9t3M8cbvFfhqT6wykCD2s7ILxqm78TNVFkNwmvLyFRpEBHBWQheLuHbVQ2KAbkv63f4XTfPzBBpVpLKysgngXQqdsgTplH97wBVv1N_eUjZVr-ME3UZ88Jqceel9ana0Sd6INNbWtiA63U7SZNBqGTKdCTTvL0uvLyHoHBmsC3lMGOZAWyhVgHXJPlGUHYrKZJJ2yvBHVvwjViiDyciXxMxEVj44cyBs9Foazb3Cw8hEesGXvBsL3F1-joHnlGaYppS8Dwjpv-VGdIu_t0e5itFB3LnyudRX7jLkxxY58OYkAL3wsdRGqer0lRIyIteI3jbRzkKU7X1PJbl7qHSIdCrMK1CpkXh9cwpm2NpEp4y6mKNWXBNLAoetFbP6xYtLzgEiSI6kdMAQ3TSSv7yUlIJRmXdeJiIS9aFLDQttYKwo8ejbyJpNEj5Qfx7U0WTk6XZGQBCjPUFjqITUZomr9WLZffrEnof7kCVvg3WaeOG4tqQvD5Vk9TUGFlK1m87siXNEv8RXmdIM-nhz1IwoXobuuhH6HXwDzzMKJ_jsO-WVXz0gi7HfttaKgrkoH6oY46LNXeTXXyse1Rb055G7IqZRte7wt9fc4Wc3ovtPDkj5gtcY16-Erwzh0GI9titfu-AeBA8uVvb4e7FnGFLYlmlLkKcikBe9qYHsOwzOEIfF9XG3G3mK-T3dJRsXR0RsIeIO8ZFFo87jrYknIoG7uJ761ixtSoXzuVz-dCSHxWMry6QEzL8dnGtHrtpuLjZK42se7stFusmYgKGvFxAx-IkKqD-UevIHtUk8_R3NLAFYNLc3ZPjr4txxqo_fotZpDAfln_q2OnyOZl2ocKllqY8MvubkrZv2LT94cdeAP_bk2eBcos7D2VzzJUPKXh6zl73k3v0h-824g1Bx_OfC4OcTZpNybZW1uhlp6AMp1Bgs3hguU0tDosSY26GOixs5dcwwBl_in_kXyprKOHw4xDLdNzKyE8iXQ5GBdBpeAOtnBDTJlHwzDWQOykpAfMUuXr_QH4GzKCEM7p5kSHSmLLLv6uoASEvJresAfT7TtXz4XK32dyEufnnf1VpbdolWw0OOYwRk-s0FbTZBFmq0-h7DiXvf0ifKyN4GdNi2u6m9N0ZrlNqqK55fn2xUkLoiZKAzY3yXWirpUlqfgX6o6xH0BHlj6T7Lmv6ZWNfoOosdxFiHq-s7EAfDeTCB6G_WvNtmuGzkjODfr-LDgaTkU3FGamYrdzY_EVqBtLElJ3M3UFBNaUAINuR165QLoOaJ5tKmTcEACRCXrmT0TEv3ff0Ceq8Z14z0QfzE5DrFC__DSVI1Q0VH1GlS1L5bXKHu03gJVgTQ1y4Ea_g&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=2213676487666267600&adk=1033480531&idt=244&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CC52 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSRG52Vu1neFKYuyKEH1QALrbkwxx2LvuoT7AtuWyayOOTSKapNWU5z_NnqfuW6S-uitTLltwiOxlOhIieBvRtsJz48gvyHg3DNtzU-nDJy4T8_fT15SzP8zf7PQZ0U8n7hAf_tTMz71nEybPBCLcevDGgGW62rURsP12Ief_xt-WvrNc&cry=1&dbm_d=AKAmf-DULY0xK6dM7sI3scnC0ctf-JXTgIoJixjRAQFsoDBELtqwb9xaO3Waffe79_eqWAvtVQ6botHL-Tp71OFBjoJKzsjJdRmLNfSR_UuLGjWJXOPMoRoxlNeBxK_objTa-kW3SlKXIRyL0CDNy4g-8mQSnd5rjB2rB2ymK6itr3neyJBsBwwjwI1juFwzEtokPQM8ngWzIQC4J4JPTSTb7eFU1K3G-qEOsVrxD8pqCe6a8-_UuyWwC9_abKumCn3uq5YIK8slMYxuq4e4FDET97NH3TW_8job5tCzqu0EQq8yo-THOj4PTevFKwu8R9NKfrrKv9UK-x1Ic4trOXjLuA5xCexF5yXiNrDnVx8DJEuA0ZAFdWqaptkahS-MqVM9TrpP3YBxxW4ROSSTRDkf23S-I7dYIMPYo-F8RWtOz4YlwJBcrXxY93PRbVA7-QoyTBlW1TaRCCTb4l0d3DnqTlKo1iVgnBcA1dv3D96yoRdYRpnSi-J5r0wHHjQsgimh-DUhkWel_xzWgQMlv3pgAwCJUt3q_PvcpN_R56ZMVyUlXsVWMl-ULK7rxY0EDOambV0GN3xDcsT3CODquyIjyZEzfVL8l_As0_kpsNrc67Pzu_oeOdCtAQvAsCieo6VAYLkW2y_hlECtIi_8Z-1O5NuFvuZcUrOK6vPA0VXD_ktLxvSmzMK-1lUeeQL33-YWGNL02YhAB0u_RLKtC1G-1qQXUru-29DBvRzwseKW4WZhdhf8XDLAbNCzMmOihJynQQ7zccw3layfOBWXkIs__gSN1OP8L97zUypSWkxAhnIUrwjXbq2a80uAcxFTB_O48Ssn5qQlnnpssDXxSk54mfJULfx15NvGEhEhX1DneIIThMIjitwFXMgpFHIq1Jpd9iNeXxMohnMp6jZm_CuL6INCR8j7Hw8TfPgcD9-Tyqmr6MX3zmcf3b4OXzQqZbmAHxDW3ViLqM9ZwyC2_20wwVu0NNGNYwFcq3t3ilGnibZNg7x6niL0gBq9OTJcd1lHjA6uqbywx6c8xPeVxAu2s2PmXG9ItDhr0g3HdNXgD6R4_X_OmWLfw-789CBJ9a8sFANJlVkkYDEff0ZE5gp5-sxXnMIW1-6oDvOU-3RaTIWR20upI-GEoZVl3cuJ_XVTxs1yZ79T1CP0H1eFga3p2egrW_AYuhuruE5gwzzCFMDxH__5-h2XHQ4LKA7bzC8DDx4vWBGsPTgaBhVg3L_yWSIVFMkUY9FuwsMdobHf1r_8mZKYPK3dPVjyj8HNvdWh8g5_RUILMzR4ry-R8dhbRvx_FLcU4TxseZeqYDtgKh_Y0Vka7i-sfo_6UH3O818OPoGvapnRx27wliuJePixTvBBNQ5wabFZZ6sFU0mEHN2oHQ2B9auXZEyWm0KLLP230aVPnBnCKFhcKB6HUi8hVAHfdCwlYXtns5AKuEk_y5duOE0g-O9LtcXeeVdXqbUpd5kJ3HRhoUj1Ck_tV-4n_AzzzeaHL0vkCl5JFhAIxJJuMo9DDHt0idKf9kuUbGFSd2RDfRttRSSPPJEJ19042C04_rfNme5gzHcJ5_t1MsackxRB3mpf9nUWDXyJDt_niTv1dACyxmL1cUVwL0HTZcZxNfBtR9WOfu1ebkP5RMLmTVtdid-KO6GQ0v9OyGmnQfQ0BLzvpCzWYtX-tF93yn6fhEEPXav7SZDGfviAtydcbL7zR6urSSBGRyZwOAx8cldC3Ux6WRk6M_rRpNq8Bb1eTnG-WgWMSRe9u9KbLrAeJTN-yG7QpTClCXmosHgy1MxH9ohox0EE0DeW1bJU8wz3oIRfaDev06Tc7qLCJ8YFLQXRpabZC9xRqfdrajC-8nReoqy3-PZnkaylJzgxtyLBcRW-H777oqKly4GRcAwRlb9M5Rnq-n2rHiYoXPMAM1JVSxmLPMU0v93GfCOf3G2NyKAc8Wq7fTkXK-5QnA-23yGrFn5AIioEUnRh4Qg0u81YYaLiB6OaVaA-hIcophv_MiNZynkVJB20mNiscXeNiBFopSM-uPqk82sZZpmCp1scBGybT24rTvOHmUpZ0u9nS3zDf4Vsnq5hWXvGAl40rOIHGOJ-hSL-gIq4neyN1SrxvQmNmP_hi6VtLiMbfqLNaeYsCdtIOrjMtenk0PIfgi-AYZFsRZllMSaLx5G8XEnRD8j9voQd_46XGVQup3LflVTParPUzHWcja78ywTYIWFN1sM124AqJ7MLcjOHoCMJBMGHdZr9GjqePI0mNDDtFE_Q0SCC8y6-1Vwna2EW9qrxpALSu3rtWkWWVii12WTvn1uNqIzMRpULv7pDYWUVRkrouaMmQ3mmM0NVUXVM2QL6Jyt7tf9MO9t3M8cbvFfhqT6wykCD2s7ILxqm78TNVFkNwmvLyFRpEBHBWQheLuHbVQ2KAbkv63f4XTfPzBBpVpLKysgngXQqdsgTplH97wBVv1N_eUjZVr-ME3UZ88Jqceel9ana0Sd6INNbWtiA63U7SZNBqGTKdCTTvL0uvLyHoHBmsC3lMGOZAWyhVgHXJPlGUHYrKZJJ2yvBHVvwjViiDyciXxMxEVj44cyBs9Foazb3Cw8hEesGXvBsL3F1-joHnlGaYppS8Dwjpv-VGdIu_t0e5itFB3LnyudRX7jLkxxY58OYkAL3wsdRGqer0lRIyIteI3jbRzkKU7X1PJbl7qHSIdCrMK1CpkXh9cwpm2NpEp4y6mKNWXBNLAoetFbP6xYtLzgEiSI6kdMAQ3TSSv7yUlIJRmXdeJiIS9aFLDQttYKwo8ejbyJpNEj5Qfx7U0WTk6XZGQBCjPUFjqITUZomr9WLZffrEnof7kCVvg3WaeOG4tqQvD5Vk9TUGFlK1m87siXNEv8RXmdIM-nhz1IwoXobuuhH6HXwDzzMKJ_jsO-WVXz0gi7HfttaKgrkoH6oY46LNXeTXXyse1Rb055G7IqZRte7wt9fc4Wc3ovtPDkj5gtcY16-Erwzh0GI9titfu-AeBA8uVvb4e7FnGFLYlmlLkKcikBe9qYHsOwzOEIfF9XG3G3mK-T3dJRsXR0RsIeIO8ZFFo87jrYknIoG7uJ761ixtSoXzuVz-dCSHxWMry6QEzL8dnGtHrtpuLjZK42se7stFusmYgKGvFxAx-IkKqD-UevIHtUk8_R3NLAFYNLc3ZPjr4txxqo_fotZpDAfln_q2OnyOZl2ocKllqY8MvubkrZv2LT94cdeAP_bk2eBcos7D2VzzJUPKXh6zl73k3v0h-824g1Bx_OfC4OcTZpNybZW1uhlp6AMp1Bgs3hguU0tDosSY26GOixs5dcwwBl_in_kXyprKOHw4xDLdNzKyE8iXQ5GBdBpeAOtnBDTJlHwzDWQOykpAfMUuXr_QH4GzKCEM7p5kSHSmLLLv6uoASEvJresAfT7TtXz4XK32dyEufnnf1VpbdolWw0OOYwRk-s0FbTZBFmq0-h7DiXvf0ifKyN4GdNi2u6m9N0ZrlNqqK55fn2xUkLoiZKAzY3yXWirpUlqfgX6o6xH0BHlj6T7Lmv6ZWNfoOosdxFiHq-s7EAfDeTCB6G_WvNtmuGzkjODfr-LDgaTkU3FGamYrdzY_EVqBtLElJ3M3UFBNaUAINuR165QLoOaJ5tKmTcEACRCXrmT0TEv3ff0Ceq8Z14z0QfzE5DrFC__DSVI1Q0VH1GlS1L5bXKHu03gJVgTQ1y4Ea_g&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=2213676487666267600&adk=1033480531&idt=244&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6050 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 6050 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBtvwhxGtyUaSkDtRoSpjyHY1dlg8jytNHIEDJsRxALZ2ei9l48VbYNqvxnBBlvbtt-ryBPbJ7-m_MsPIFQ226VXiTnLfWD8dB7lG5jPBoiWuh1HU&cry=1&dbm_d=AKAmf-APPbnTEo_tWIHk8RrlrzTUeSvwWo2D8zuJSpgTCj0njC_yUt6k3BptwPtRdc8Tsxr7ruaXfwwSXsnJ65wJJJlOTrIx7c9lRZLKFEH6eiQ2kBBAZ5rdUMgPV_wEgX8gul0H-yasaK6bjd2kWSAbnfuBp9QyNFhQeAuafaENNtjInTiMMRKlpjPz8VzoRxt4Nb1GOuYf29px2ruFy2ZZ_DNL6l0UTlGhhkU5DgeNFb9-mW6UqrHzLJib3z4daoFA-2bA_CVubptY9OG-xiMmsYygb6wf3rVJdSe37dLt6hnMpIozT5z4cES_E2D9AVVpDl1pBBdwy0RK3hj368xKxkYJCShp7PpAjHVSlvIyQsBjv06cZviIQV0A8Tpul0hIZ720rEcTkCTbp-GSwBqziau6XMyGweu6tzpejQMfWAJ8di8mLVxqEZfjd3VQykEu5FcANrwK3nX688VQYXasd2jgpRjJnpkpSDhU6A8umHj8hwpIHoPitILI2NjP9Wo3EwnEwBCjgxC160rRvD36kGtCvocvEnkM4XvybWHuwgU-kElmYT8E4mT3_j-d3XhAtha7nH4FtDOFq1U2ZwSvfPzU7qOJdehHPbFon2wSBY7B3lcqXlbic7kIFu0Q8bE0Tuv8p5lf3j-JbQGQ9XklblgjmHGXkZAMFRaSXhzVWdU0pHhb5xAuIpGf8KjwMKzT0kYP_tSUmr3fNFhVgFKiNR0vnwlQx9BoVg4gT-nQnMp3B7vu2k3YgeR9ootmBT5nnfuOfUTvUlWrDVmJWRpIhPhfTWXQQquhfqhZ4erZUhTCiysUjJhWkszTHqrdwOyZsMqAPQi8xn8zhHdwGE-uNwCokBp_VFogZzluRgaVuqE11aZMm1nPAKDMNaKBrKk9PTuzigbQjfYtX8jqZ-IXzI1XTK5TsXb-93dJfduGzqEQQ-0N43ZEoAj3PnMPISPncQ_7EmP6JUJnJhsF6HKvasvLZc8Ub8SPHk0o5ac6yrTjWVb4cxaQ7HfahZUifOchzSE4TKh95-4xc0-ySU4KF4nTV2cLdOskcg8srtKaRpDfMRIupZdjldI9pJotg6CpCQNU3HeHtnk69iUJ4OswzMNYWcMa-vpgUPj99pKG6glxjrTp6UBeWJdQsdB4uX6FY9iKTWdDhpARYSPelfDqIJXtdoN4zRqCMAEZG6ekDwgeWteUMIQRqL3Yu9wgvziF5-0pdqsQ-cPTyvYx5nHmPP-SUWxZXF0BTgcir0Kvb3RpWlf39A0ZXgkyTTAy1bOoYacxqlUOtPK9H4GSWzfRQunBrlHF-SnU8TUjISNxSOv5jpBfsO5dj_iREYES9RMtzAlWjx0qGkE5EsrmEvCsI0w4HrtWHu8BlL9QTaG8PPoujebY6Gm9aega57wpgCKVP-iK72yvNwZAUNKSBjyhsYpOuOL3TfQ3f05Xp4u5s4jmJSqfElInj-vWBKKdlhVssfNl4d9DKXvpLmghjts-dKfrt1Mbtxt87i46offKm3UckfpERWp7sYYLqiVsFMkBJJ2Xr0-8bJWFIrOco3M5qpmxn2q0s-AdKR6mO2umgD3mum8PyiDXrKo1uCY5tcRTPSw18Zt_hgTVBpNRbmGrFghtaVmaZJMtvDYxy6Kx4AmI2QRpW_kSr-dfuYspfvcD5F26_Y3a7te6k07trwlokONaGdLMc5EwBGbgNTKuVpC9glzUysChC7LvtXe14YpdBGEeX9pbUoCF6sm6pjZlVVwC2_18zOgksblAjrpkKnfziPaMedcwKT0eeQU6pzvr2vceBb3xfotGNgKjtJdV7h0Ita6mT1kB6ySzICte_vQdfBCGmf4Cc6kCUm_BbZptm9iqFXH8DGcKBjjEt20wZYOaRAx627w90N9EQsFN8cSm_TaFhtMe-_wk1tdrrimG39vrkGD9RKembHD8Gn2BqtzmaOaiZVfjYHP-BJLUWuOic1gMPiKoMHHGD56fepuIYi8_FbCiSZUmuAzDFthyS4gQHe7xL6-jQtPIHFuAIMyAayOcrlwOUqNLULC5EWhrb_UdsO2EKsGSQbtma9ut2gW_nR41Z2sRopLqS-kuN0DOaIibM8Ge01vzAwp02FimbioprTPyns0dW9PTXSQj6lX58lwATH7wpnUziZaWCMl2A4z00wgw2qV8UH6AWveSo82Bj87JDjf8wfJPEh_Iv56c45Xaom6Jm5OFZKQdYDUyLHRC-CIdYVVC7WA_p-v-zguTwMTxNpBapPyaE0tDTkhJgEzu2fzodoPAfE-vuBpjdOkd7g8vF-LMacpKudX5vknTVFqpMmtL3T8GkIAbi21wLMIh3H-XAPZ2PkMSaOX1ZOt-vYmZ0dCuEv_gs5BFV4zuVgYaFisbhW89FjuWQp-icki580PgXzqdWt1xYJcxX181qeQD5Sg7XU7L9Nc0QXkuPSSx7i9fSaSiAOZFgi5W70Ok_wE8SyQ-WhurQdoSWgg_xyHFtvXv3A5nn6aT_LnLig2-WFOWdKqNuCs6MfGOT2CtbmZwGpX74_G0q4d4JqtVeK_usRZ5BcKtb9-s2oqbWlXQYDeO-3BsqJxdOMcrERjn5f0iKwTeRfV-IJX3xyOj6nlBZ0F6Rx1xzEG1El2VIWFPk6odV5O7F1Ylp8y6gWxeMCJ3Otu03S3Dj_zJVxe86ShSJsI8YyFwPNJYb2cMpstPfZ2sJXl2ADkfwnXjs_vRM4tKUpz7WzbWOGbDsix_vRIEATefSwceK1ZrcjxiDxfSIx8iVEKci9e6X0U8CadBlRncTRkpJRzt4_KinO4f84vQFzSe4hJQJ6fU_g9tJ-zZRVoh60yUMwM2Cifm7TIXng2ldzkO9ZW1mjvnc7uXfz_qdPqGxvvGoA_qva4t2mW9BFaYY1ojSBh6R95fhl_eSvKp1DBUhRX9K9T5nsxaU7qaC4GfLejOqJrRcHLEZvuMBrHZNEn3J6sqaUg4WxkODsrQjYyn3hxpRhw2eDPVW4SIsy5mqVAL5E7trNtBbBxh24Nj_fXTneTXP6M-j4Wy6U9BeU-X3bn39RRXdw8P6mdhHBYrdzJnV5CKbN-BhXV-xAL0g3kC7f-XGOCrUn2mNUGJxntXHLfWxVyb8W8E6X-L49mAAQvde1zIgDdMhxZ2gBwAjLIlyo-_cQiSKEqXrpbw3jFixNyeuAaxx4FJstgQDvFWG00Vjbmc1PtKjIsoAAyNlDlEv_0r-p-x_r4vcpBQzAqvKXhMpBoutdeuBrsnpWoy6rDwNrI_DSSopCrgDvFo-LSNQN7N0R5qL21YwVJLmqOav8M2QhgtduLZ9bFCdqTeGUwjUkSvULBItvkDFU3m5pWBoN9I8dEHGtnZi0IaovUZ_NEvwwR0fcAe6qdpOeUqs7QEE3He_YpytLzOBDLriHOJ8H1d_TFY3IviG6cw5KA5TZxS6WSZyFNEFxxXuM9yhedWCkMtqILJvPpHDHQsgMp67DamhScOt3AjEwa226bCzK1V-Vr5aqRkZEOo1eFSPrRc0cnV3-ogwCm9jnJa1EnooS72TOWj99RVcv0AadzAsJCDWxd6mqJD22HiZFOR1b84At3P_iObiWNebB31qdQ4Napb4LefmLfb3C4IQBRm9zuw6qqtM0QQ4AI6Q4cGl3bqrsuohrQKWQzR5mkkSCqlf35z_arS1fYuflLJ3X46bQGVU2eBrhAZrJrkVimawts9rfyIpygcTvSoVoiZyRXRIcRUkc4plciOBzEDBSvkeShXuJ5JX964CZUrpdW88pu0hdPy-GnRd7mkggzf1W9B9_NcHmgXbh8xkAEgRzNBDQQo4GDWKYk7yTJGxAAUZxIMyZhp_knfY3juBjwbphfA-M-v6-gQ3f4uVg&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=15021870031130157000&adk=4020099329&idt=212&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 6050 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBtvwhxGtyUaSkDtRoSpjyHY1dlg8jytNHIEDJsRxALZ2ei9l48VbYNqvxnBBlvbtt-ryBPbJ7-m_MsPIFQ226VXiTnLfWD8dB7lG5jPBoiWuh1HU&cry=1&dbm_d=AKAmf-APPbnTEo_tWIHk8RrlrzTUeSvwWo2D8zuJSpgTCj0njC_yUt6k3BptwPtRdc8Tsxr7ruaXfwwSXsnJ65wJJJlOTrIx7c9lRZLKFEH6eiQ2kBBAZ5rdUMgPV_wEgX8gul0H-yasaK6bjd2kWSAbnfuBp9QyNFhQeAuafaENNtjInTiMMRKlpjPz8VzoRxt4Nb1GOuYf29px2ruFy2ZZ_DNL6l0UTlGhhkU5DgeNFb9-mW6UqrHzLJib3z4daoFA-2bA_CVubptY9OG-xiMmsYygb6wf3rVJdSe37dLt6hnMpIozT5z4cES_E2D9AVVpDl1pBBdwy0RK3hj368xKxkYJCShp7PpAjHVSlvIyQsBjv06cZviIQV0A8Tpul0hIZ720rEcTkCTbp-GSwBqziau6XMyGweu6tzpejQMfWAJ8di8mLVxqEZfjd3VQykEu5FcANrwK3nX688VQYXasd2jgpRjJnpkpSDhU6A8umHj8hwpIHoPitILI2NjP9Wo3EwnEwBCjgxC160rRvD36kGtCvocvEnkM4XvybWHuwgU-kElmYT8E4mT3_j-d3XhAtha7nH4FtDOFq1U2ZwSvfPzU7qOJdehHPbFon2wSBY7B3lcqXlbic7kIFu0Q8bE0Tuv8p5lf3j-JbQGQ9XklblgjmHGXkZAMFRaSXhzVWdU0pHhb5xAuIpGf8KjwMKzT0kYP_tSUmr3fNFhVgFKiNR0vnwlQx9BoVg4gT-nQnMp3B7vu2k3YgeR9ootmBT5nnfuOfUTvUlWrDVmJWRpIhPhfTWXQQquhfqhZ4erZUhTCiysUjJhWkszTHqrdwOyZsMqAPQi8xn8zhHdwGE-uNwCokBp_VFogZzluRgaVuqE11aZMm1nPAKDMNaKBrKk9PTuzigbQjfYtX8jqZ-IXzI1XTK5TsXb-93dJfduGzqEQQ-0N43ZEoAj3PnMPISPncQ_7EmP6JUJnJhsF6HKvasvLZc8Ub8SPHk0o5ac6yrTjWVb4cxaQ7HfahZUifOchzSE4TKh95-4xc0-ySU4KF4nTV2cLdOskcg8srtKaRpDfMRIupZdjldI9pJotg6CpCQNU3HeHtnk69iUJ4OswzMNYWcMa-vpgUPj99pKG6glxjrTp6UBeWJdQsdB4uX6FY9iKTWdDhpARYSPelfDqIJXtdoN4zRqCMAEZG6ekDwgeWteUMIQRqL3Yu9wgvziF5-0pdqsQ-cPTyvYx5nHmPP-SUWxZXF0BTgcir0Kvb3RpWlf39A0ZXgkyTTAy1bOoYacxqlUOtPK9H4GSWzfRQunBrlHF-SnU8TUjISNxSOv5jpBfsO5dj_iREYES9RMtzAlWjx0qGkE5EsrmEvCsI0w4HrtWHu8BlL9QTaG8PPoujebY6Gm9aega57wpgCKVP-iK72yvNwZAUNKSBjyhsYpOuOL3TfQ3f05Xp4u5s4jmJSqfElInj-vWBKKdlhVssfNl4d9DKXvpLmghjts-dKfrt1Mbtxt87i46offKm3UckfpERWp7sYYLqiVsFMkBJJ2Xr0-8bJWFIrOco3M5qpmxn2q0s-AdKR6mO2umgD3mum8PyiDXrKo1uCY5tcRTPSw18Zt_hgTVBpNRbmGrFghtaVmaZJMtvDYxy6Kx4AmI2QRpW_kSr-dfuYspfvcD5F26_Y3a7te6k07trwlokONaGdLMc5EwBGbgNTKuVpC9glzUysChC7LvtXe14YpdBGEeX9pbUoCF6sm6pjZlVVwC2_18zOgksblAjrpkKnfziPaMedcwKT0eeQU6pzvr2vceBb3xfotGNgKjtJdV7h0Ita6mT1kB6ySzICte_vQdfBCGmf4Cc6kCUm_BbZptm9iqFXH8DGcKBjjEt20wZYOaRAx627w90N9EQsFN8cSm_TaFhtMe-_wk1tdrrimG39vrkGD9RKembHD8Gn2BqtzmaOaiZVfjYHP-BJLUWuOic1gMPiKoMHHGD56fepuIYi8_FbCiSZUmuAzDFthyS4gQHe7xL6-jQtPIHFuAIMyAayOcrlwOUqNLULC5EWhrb_UdsO2EKsGSQbtma9ut2gW_nR41Z2sRopLqS-kuN0DOaIibM8Ge01vzAwp02FimbioprTPyns0dW9PTXSQj6lX58lwATH7wpnUziZaWCMl2A4z00wgw2qV8UH6AWveSo82Bj87JDjf8wfJPEh_Iv56c45Xaom6Jm5OFZKQdYDUyLHRC-CIdYVVC7WA_p-v-zguTwMTxNpBapPyaE0tDTkhJgEzu2fzodoPAfE-vuBpjdOkd7g8vF-LMacpKudX5vknTVFqpMmtL3T8GkIAbi21wLMIh3H-XAPZ2PkMSaOX1ZOt-vYmZ0dCuEv_gs5BFV4zuVgYaFisbhW89FjuWQp-icki580PgXzqdWt1xYJcxX181qeQD5Sg7XU7L9Nc0QXkuPSSx7i9fSaSiAOZFgi5W70Ok_wE8SyQ-WhurQdoSWgg_xyHFtvXv3A5nn6aT_LnLig2-WFOWdKqNuCs6MfGOT2CtbmZwGpX74_G0q4d4JqtVeK_usRZ5BcKtb9-s2oqbWlXQYDeO-3BsqJxdOMcrERjn5f0iKwTeRfV-IJX3xyOj6nlBZ0F6Rx1xzEG1El2VIWFPk6odV5O7F1Ylp8y6gWxeMCJ3Otu03S3Dj_zJVxe86ShSJsI8YyFwPNJYb2cMpstPfZ2sJXl2ADkfwnXjs_vRM4tKUpz7WzbWOGbDsix_vRIEATefSwceK1ZrcjxiDxfSIx8iVEKci9e6X0U8CadBlRncTRkpJRzt4_KinO4f84vQFzSe4hJQJ6fU_g9tJ-zZRVoh60yUMwM2Cifm7TIXng2ldzkO9ZW1mjvnc7uXfz_qdPqGxvvGoA_qva4t2mW9BFaYY1ojSBh6R95fhl_eSvKp1DBUhRX9K9T5nsxaU7qaC4GfLejOqJrRcHLEZvuMBrHZNEn3J6sqaUg4WxkODsrQjYyn3hxpRhw2eDPVW4SIsy5mqVAL5E7trNtBbBxh24Nj_fXTneTXP6M-j4Wy6U9BeU-X3bn39RRXdw8P6mdhHBYrdzJnV5CKbN-BhXV-xAL0g3kC7f-XGOCrUn2mNUGJxntXHLfWxVyb8W8E6X-L49mAAQvde1zIgDdMhxZ2gBwAjLIlyo-_cQiSKEqXrpbw3jFixNyeuAaxx4FJstgQDvFWG00Vjbmc1PtKjIsoAAyNlDlEv_0r-p-x_r4vcpBQzAqvKXhMpBoutdeuBrsnpWoy6rDwNrI_DSSopCrgDvFo-LSNQN7N0R5qL21YwVJLmqOav8M2QhgtduLZ9bFCdqTeGUwjUkSvULBItvkDFU3m5pWBoN9I8dEHGtnZi0IaovUZ_NEvwwR0fcAe6qdpOeUqs7QEE3He_YpytLzOBDLriHOJ8H1d_TFY3IviG6cw5KA5TZxS6WSZyFNEFxxXuM9yhedWCkMtqILJvPpHDHQsgMp67DamhScOt3AjEwa226bCzK1V-Vr5aqRkZEOo1eFSPrRc0cnV3-ogwCm9jnJa1EnooS72TOWj99RVcv0AadzAsJCDWxd6mqJD22HiZFOR1b84At3P_iObiWNebB31qdQ4Napb4LefmLfb3C4IQBRm9zuw6qqtM0QQ4AI6Q4cGl3bqrsuohrQKWQzR5mkkSCqlf35z_arS1fYuflLJ3X46bQGVU2eBrhAZrJrkVimawts9rfyIpygcTvSoVoiZyRXRIcRUkc4plciOBzEDBSvkeShXuJ5JX964CZUrpdW88pu0hdPy-GnRd7mkggzf1W9B9_NcHmgXbh8xkAEgRzNBDQQo4GDWKYk7yTJGxAAUZxIMyZhp_knfY3juBjwbphfA-M-v6-gQ3f4uVg&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=15021870031130157000&adk=4020099329&idt=212&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1D02 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 1D02 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hlPl5-F2nkwuUNT2B7SkIb5D09hmO48PVChJd6c13DeXogXgxzWLVuO0n0czHXTktuBuKayTY7crTXcX49ptUaofRYYt8UQ3lyiYh81qkc4dliA&cry=1&dbm_d=AKAmf-Cne2VgJe1_3LvHwusNP2hKAbs4d8xefnynszNHFfRpW98dnCZHeZJU_tCk3wYlMC6Eh74jTfAIPs6J4qxx9V4UJbdSoV7YQsfCC4eHTF0mzyYQ_eQkRYlo2XGzbJdrrGbd0l__HbQecb1OmDDvnchaNWCw8ZR4-6dSoC0_0mqWvbQnNXwa64N1oI4bEGi3I9LVZ2dZOO3kOKx_sk4CW137jurMo7grCmNY8veNaimpNQgDcJh26H0QxNpIUYqOUVyNyxBbXlztnO3gskcNPyvI8XnjIWSjuPWq9awhahtNWTrsewepmBOPuM3WA2FscfV34MtUTyRmUKExpogb5NYmBekWRgGglhuy6-1eYuekVl9t3QC4Jt_Vddzdnsx_934gBRBTFP2qwGQr9X3M6iapmoVc9n82T1fZsaGATWpp-GIPg-V4oJsycU40yb1RVUCNzXkUCkVnVHhMTB8VW2RaRk96UfddYatj04fatfd2SJgOyHpMoWRCo4g-6PzRuHwPNfU2npYjnqXxpUbJ49ulqPjrpVDUwZ8yNE8G4AWt1-xwx4B2E4iTt_73ersC8OegjsU7sD3fzwt8V8eFXJnGEn9-D1ZODGm0vheDn3JwmkOLbtLTzhp2q9kpM3rmaGRL0hru3DzZK1zQt3GgT0yxMcJ-Nb5ozOOVxJ0BE3nXmn2oW1L9t92S95XZoSSaws6355tcYe4mDgpr1DH9QitJwJooP_CtEOqWFDp00CXA7tUGwU8GVgHWb3UBFkCnimkIBCgKdhgOukLLA3zjezQlvK0q2X-olpOqeie9BvV6PW6zmjiTkxc5HOTQfIJrBKLg2O6JwX-EXq7VXkPaZtuiXMF54iGr8ZYbO-hPONWFsoqYULzgwnr5B5zYWhKeNDrVyUIkP0WkpgwkEj0_c-i7IRwdGBZv9KZoDBDzCmNqtYNEOVTpLScHNwk4mHRxzK7Ft6vf1uHDpcSJ64B8_d64xZ5PJinaZUnDg2xgdwNuGdnoDKOZNfhxboLTXcwfe0KvlnUveH8sK3w1MRtS7M19ktPIN715j2xyYk1lsJo4sA7VTUwNKxgqya1vw9tLewP2zCPOJi6yvsCYZoDX4boTrPoruXFKNvaRxPvlSSLlvOJTDdMwpWw8lFVJskYqkNexiPWgQFmiHLHt7TXg_HOzCWdrneoLBKbBKTGqmLfW-EyMY7lW2ELER29X0XOmaR3ufgL3zeTuT4n6jnJ2fAaeDMJFlvJyse84CKB5QuDC3cv2knfCDVwNdawC3pS2MZRTO4HrYsvr7xavfEgUgGDmYD2IUMznQo10Wvwt0xsp0NAuef75VDDY8cMtOk5g6Mc-FNTUWit2bJeLDtO1nZV_5xXPEp2Fy4YiEUr9QmkQ5K0cTMhIGzHe1gow-m52wdps476yXNOCGb3rL_UcvkezGGwn21_fMnlupIr9DExJZKv2ehe1y9KibO0OSg7vy21yaA3xK-cWDZeok_XDXZoSrW07i9UxWniJXsA4jfCaoq6OKT7_UspTNGwGdiH1g_SnxDMQBtjHeqgYpZgOzYcP-g_C6BFw3Idisj5bonK4nYlWXEUF35Wx-WNmriBMpH4zmtsg8POZwF9wN2yMrr1s1oG5PfUEEJYkqynyCM336gIaG7rof9omP_4n-4xQt_GUgmYRQgRhCoULKb5gWI8COiMYf6RoFHJ3-KtHU4K4k7DGR7z3E0k6A55oDSBHZDJRzdxRL5YwVPtQ6iHf4Qw37u1FBpDAD1rvunFAfPifbJs_b0ffmq2tisDoN_eiHK80US0_c0c9cNuGDwW8vqHcPt7M3pOK8CfxWWDmfaPaFEFYqcNPzEoz9QjEccHy7eV2uk_JRXoOmDCeepsRWzbnwUoZYJBBPwHUb_fStugIzEtNHvU6lp9rkKeFn-z2aQxUqpVt8D90SXGByT1DgH9qwiL0rZTax8a0pE1rOiPFB7j_9RajqxQFrld2XuzlDjbwvaQrKq8VBjnMW2kX0V87Yh-zHBPMVqZ9NqeSAxJREhg2UfFTel9cZNO3x0i7JBX4_gctuvhvktgRTwXWuC4G8s-siW7KTPiu9rr8U4rk2dnBIA5E-2b_wuod74ewbBhdTHrqweQ3vYgIenjco2FWKKAFYewcqikPjmJi0RkS_6F9r6ZF19hKtPbg-XfbmwdZnOotSi6PuJ0QcXm_vAA_DDMdxCNH1Id71cG0_Gt0g7bcK1GOMBfkJJh46YSI6IaYO2WhEnSjzyyp9kGWwTkcdo-MV1z_KACYy5beLQqTfb52jAstL9vgr6Usltl9VxQF5cbDeOjSPIw9iUWrp-PLfBVHpFKEzeBjX1dM8gDxbRy-Wtt8i7ATZd7RTM6NjrUm7lbh5ab_d3Bgv4mDHWTPjZW8F-uzMPOQsm5LUQVR_AHQSDMB5jYqGcw1nTlVc19CCu3NrewiMIkldm7cIsVE8mHNnfO6Hcw8JPLt9o-xiEDr2yK_bzqRpClTNAFPh95_7RwZsZzi2byhrgTUPBCqdsf3Yxrk9NfOXrFzFCN72XU8La3qWWWSCT8G-W-kUzEGehk1blwHup-ZrMt0iix6FmD7N5516j2gX_4nt9lkndEfgVnaqNR7wQmzrbIeQUHf26c6gBClx9q8NSKOhX7UynnP-nvPrGvnjRiBX_df7FlZzz0FOcJj9z5UZaTmEnPKUgXmeJ98Iyc1QNbKxLGyWdOlfoLuWbbrDo2pv4Vz7IMZInxqCrSMMVcfBOskRxh9V_yhRd9RkcjX1TB6Q1CBb5wyjYL1y1Kj1GEA8ZLM6kncvr8W55mOr6Dp2osUxgdNY-cTRkMqr1O8_1qqrSjBB98Ck-RH0ZljbpKNKVv7B3-yRkG6k5GiM9aKlE_c3USVXUJocsGAF0dQ5vJ_ZYGwZLr5HpmzZ_nLP-I8ZQMlFVcO7u1BcWtcAxMv_KBrZ4FyoneMA1IV6iuDth1rO6HQcFJvBA6coALyyQUal5Cpp4yRlbEztx2dHv2W1i2Vs4m_7OYOBd_A-whXuZRlLsX1oP3oqkwiFDfQbyf3yv9pAQ77vuHT67JNQNkpxXJWOEsoHNmDGxm0dyy3p8oi682be_A5WoWDLnqYjoNBjFWh1JWMFrQ6HcxH_T1OZ9FjCZiOfKc33K_knnQa0qFuke3vSGO34FhgIA0q1JF8ASfFDo1SDHHW0VaV6zDL0l1T_lDO3VuY3ZKWj-TJlEctXKcoZwHbD53OLTINrKJh7swr90WAYA36z574R-8UyD2RQpPVwKMA9bofweFYB31v9zdCnFBt_nzJduWlwOuT-TXf4_OYRpWmbz5Cp56L26BT0F1oWXo03KDJuzRQc42qKh4uX1QGNOYhWsXoIj0yNj6Pm3j7O37GxlzSsz35qJPBPeViSgqu1kfhjxW3OZm34_4-8G_J9YzR84vAacecHdeYgNaX5Larbnwy3RalbyqItqOrX9mAJNKsihIs4O8ErKe3Ng47FzD5MDFwVD32Ph25hHxbNjlHAZnD179HpP0hTqIdGqLlUX04QvofG3Ao8GKLtL_XWK_y9oFfOLeMfqBLpk4WbMcmzHlsSPx-MuWPdwwUkGxLLp9DLhGJYbwI865dWZB7G1gURqorfUlLjEoYOFhMH058FRwiM98dYX1eh3P1f7JZYYYbGGtOV8TCvlPvIpmotYb6QLJ4gixdDnF4soYxg692b60CTlCTOB_3FK6VSTTpaYEsaBK_piUkELVUorVtLZeRanetpj8vbZ5ZQZvKXVbbkoWhopc6Q7xYyZrnJLDz8HBWAyMIbCjQPVrmhzcE0xxJ4LgrfMGTiwTRhV-CcZpZzPloh89YbEUc6GNHpB-8SqlDFMHf-47f_RPeSu9WK-ielJ61gIHF8ZJsu3T5gxQ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=1328212885567866600&adk=548554675&idt=222&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 1D02 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hlPl5-F2nkwuUNT2B7SkIb5D09hmO48PVChJd6c13DeXogXgxzWLVuO0n0czHXTktuBuKayTY7crTXcX49ptUaofRYYt8UQ3lyiYh81qkc4dliA&cry=1&dbm_d=AKAmf-Cne2VgJe1_3LvHwusNP2hKAbs4d8xefnynszNHFfRpW98dnCZHeZJU_tCk3wYlMC6Eh74jTfAIPs6J4qxx9V4UJbdSoV7YQsfCC4eHTF0mzyYQ_eQkRYlo2XGzbJdrrGbd0l__HbQecb1OmDDvnchaNWCw8ZR4-6dSoC0_0mqWvbQnNXwa64N1oI4bEGi3I9LVZ2dZOO3kOKx_sk4CW137jurMo7grCmNY8veNaimpNQgDcJh26H0QxNpIUYqOUVyNyxBbXlztnO3gskcNPyvI8XnjIWSjuPWq9awhahtNWTrsewepmBOPuM3WA2FscfV34MtUTyRmUKExpogb5NYmBekWRgGglhuy6-1eYuekVl9t3QC4Jt_Vddzdnsx_934gBRBTFP2qwGQr9X3M6iapmoVc9n82T1fZsaGATWpp-GIPg-V4oJsycU40yb1RVUCNzXkUCkVnVHhMTB8VW2RaRk96UfddYatj04fatfd2SJgOyHpMoWRCo4g-6PzRuHwPNfU2npYjnqXxpUbJ49ulqPjrpVDUwZ8yNE8G4AWt1-xwx4B2E4iTt_73ersC8OegjsU7sD3fzwt8V8eFXJnGEn9-D1ZODGm0vheDn3JwmkOLbtLTzhp2q9kpM3rmaGRL0hru3DzZK1zQt3GgT0yxMcJ-Nb5ozOOVxJ0BE3nXmn2oW1L9t92S95XZoSSaws6355tcYe4mDgpr1DH9QitJwJooP_CtEOqWFDp00CXA7tUGwU8GVgHWb3UBFkCnimkIBCgKdhgOukLLA3zjezQlvK0q2X-olpOqeie9BvV6PW6zmjiTkxc5HOTQfIJrBKLg2O6JwX-EXq7VXkPaZtuiXMF54iGr8ZYbO-hPONWFsoqYULzgwnr5B5zYWhKeNDrVyUIkP0WkpgwkEj0_c-i7IRwdGBZv9KZoDBDzCmNqtYNEOVTpLScHNwk4mHRxzK7Ft6vf1uHDpcSJ64B8_d64xZ5PJinaZUnDg2xgdwNuGdnoDKOZNfhxboLTXcwfe0KvlnUveH8sK3w1MRtS7M19ktPIN715j2xyYk1lsJo4sA7VTUwNKxgqya1vw9tLewP2zCPOJi6yvsCYZoDX4boTrPoruXFKNvaRxPvlSSLlvOJTDdMwpWw8lFVJskYqkNexiPWgQFmiHLHt7TXg_HOzCWdrneoLBKbBKTGqmLfW-EyMY7lW2ELER29X0XOmaR3ufgL3zeTuT4n6jnJ2fAaeDMJFlvJyse84CKB5QuDC3cv2knfCDVwNdawC3pS2MZRTO4HrYsvr7xavfEgUgGDmYD2IUMznQo10Wvwt0xsp0NAuef75VDDY8cMtOk5g6Mc-FNTUWit2bJeLDtO1nZV_5xXPEp2Fy4YiEUr9QmkQ5K0cTMhIGzHe1gow-m52wdps476yXNOCGb3rL_UcvkezGGwn21_fMnlupIr9DExJZKv2ehe1y9KibO0OSg7vy21yaA3xK-cWDZeok_XDXZoSrW07i9UxWniJXsA4jfCaoq6OKT7_UspTNGwGdiH1g_SnxDMQBtjHeqgYpZgOzYcP-g_C6BFw3Idisj5bonK4nYlWXEUF35Wx-WNmriBMpH4zmtsg8POZwF9wN2yMrr1s1oG5PfUEEJYkqynyCM336gIaG7rof9omP_4n-4xQt_GUgmYRQgRhCoULKb5gWI8COiMYf6RoFHJ3-KtHU4K4k7DGR7z3E0k6A55oDSBHZDJRzdxRL5YwVPtQ6iHf4Qw37u1FBpDAD1rvunFAfPifbJs_b0ffmq2tisDoN_eiHK80US0_c0c9cNuGDwW8vqHcPt7M3pOK8CfxWWDmfaPaFEFYqcNPzEoz9QjEccHy7eV2uk_JRXoOmDCeepsRWzbnwUoZYJBBPwHUb_fStugIzEtNHvU6lp9rkKeFn-z2aQxUqpVt8D90SXGByT1DgH9qwiL0rZTax8a0pE1rOiPFB7j_9RajqxQFrld2XuzlDjbwvaQrKq8VBjnMW2kX0V87Yh-zHBPMVqZ9NqeSAxJREhg2UfFTel9cZNO3x0i7JBX4_gctuvhvktgRTwXWuC4G8s-siW7KTPiu9rr8U4rk2dnBIA5E-2b_wuod74ewbBhdTHrqweQ3vYgIenjco2FWKKAFYewcqikPjmJi0RkS_6F9r6ZF19hKtPbg-XfbmwdZnOotSi6PuJ0QcXm_vAA_DDMdxCNH1Id71cG0_Gt0g7bcK1GOMBfkJJh46YSI6IaYO2WhEnSjzyyp9kGWwTkcdo-MV1z_KACYy5beLQqTfb52jAstL9vgr6Usltl9VxQF5cbDeOjSPIw9iUWrp-PLfBVHpFKEzeBjX1dM8gDxbRy-Wtt8i7ATZd7RTM6NjrUm7lbh5ab_d3Bgv4mDHWTPjZW8F-uzMPOQsm5LUQVR_AHQSDMB5jYqGcw1nTlVc19CCu3NrewiMIkldm7cIsVE8mHNnfO6Hcw8JPLt9o-xiEDr2yK_bzqRpClTNAFPh95_7RwZsZzi2byhrgTUPBCqdsf3Yxrk9NfOXrFzFCN72XU8La3qWWWSCT8G-W-kUzEGehk1blwHup-ZrMt0iix6FmD7N5516j2gX_4nt9lkndEfgVnaqNR7wQmzrbIeQUHf26c6gBClx9q8NSKOhX7UynnP-nvPrGvnjRiBX_df7FlZzz0FOcJj9z5UZaTmEnPKUgXmeJ98Iyc1QNbKxLGyWdOlfoLuWbbrDo2pv4Vz7IMZInxqCrSMMVcfBOskRxh9V_yhRd9RkcjX1TB6Q1CBb5wyjYL1y1Kj1GEA8ZLM6kncvr8W55mOr6Dp2osUxgdNY-cTRkMqr1O8_1qqrSjBB98Ck-RH0ZljbpKNKVv7B3-yRkG6k5GiM9aKlE_c3USVXUJocsGAF0dQ5vJ_ZYGwZLr5HpmzZ_nLP-I8ZQMlFVcO7u1BcWtcAxMv_KBrZ4FyoneMA1IV6iuDth1rO6HQcFJvBA6coALyyQUal5Cpp4yRlbEztx2dHv2W1i2Vs4m_7OYOBd_A-whXuZRlLsX1oP3oqkwiFDfQbyf3yv9pAQ77vuHT67JNQNkpxXJWOEsoHNmDGxm0dyy3p8oi682be_A5WoWDLnqYjoNBjFWh1JWMFrQ6HcxH_T1OZ9FjCZiOfKc33K_knnQa0qFuke3vSGO34FhgIA0q1JF8ASfFDo1SDHHW0VaV6zDL0l1T_lDO3VuY3ZKWj-TJlEctXKcoZwHbD53OLTINrKJh7swr90WAYA36z574R-8UyD2RQpPVwKMA9bofweFYB31v9zdCnFBt_nzJduWlwOuT-TXf4_OYRpWmbz5Cp56L26BT0F1oWXo03KDJuzRQc42qKh4uX1QGNOYhWsXoIj0yNj6Pm3j7O37GxlzSsz35qJPBPeViSgqu1kfhjxW3OZm34_4-8G_J9YzR84vAacecHdeYgNaX5Larbnwy3RalbyqItqOrX9mAJNKsihIs4O8ErKe3Ng47FzD5MDFwVD32Ph25hHxbNjlHAZnD179HpP0hTqIdGqLlUX04QvofG3Ao8GKLtL_XWK_y9oFfOLeMfqBLpk4WbMcmzHlsSPx-MuWPdwwUkGxLLp9DLhGJYbwI865dWZB7G1gURqorfUlLjEoYOFhMH058FRwiM98dYX1eh3P1f7JZYYYbGGtOV8TCvlPvIpmotYb6QLJ4gixdDnF4soYxg692b60CTlCTOB_3FK6VSTTpaYEsaBK_piUkELVUorVtLZeRanetpj8vbZ5ZQZvKXVbbkoWhopc6Q7xYyZrnJLDz8HBWAyMIbCjQPVrmhzcE0xxJ4LgrfMGTiwTRhV-CcZpZzPloh89YbEUc6GNHpB-8SqlDFMHf-47f_RPeSu9WK-ielJ61gIHF8ZJsu3T5gxQ&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=1328212885567866600&adk=548554675&idt=222&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
track
st.pubmatic.com/ Frame 2CFE 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156479&s=758930&a=3607641&ts=1682689537&wa=0&e=96&ier=901&vadsId=-1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 58E0 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 58E0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCRMcN64ivYyiJQMAyRHPbuDYlnMNjAS1hpL-vLOfyEkFb2zpLBSstMBzoYJPHHRaEMomsJOgO9HiFwcgUPzdYua_3Kw5wPNIwy1XPFNkJjRYzjrw&cry=1&dbm_d=AKAmf-DD9ervDhTpDV0ZkyKZlAVaVJH6qsFHX6BGWxBNg3NUsiSPMywz2cQ-CXcbsiRE-nzTOIAhV0myt8aBwwp95Jmzw1IY5ZbXqpez7tBHguGgUrISDeVmfVfCiQnUXBGN-OYXFW6H1haMgB0LX60Cq_kvVPy39ilLxv_C_Sx70zIXEac7MlMgWRh6l0_p2cub6dODT2Ca34sxurP9ilRhNP11eWVJtvsNYi4cdRnmOFhOsGrhYcKWGcjaaZCadR0qtRb-gE4yzCNLoReie3-b4vtsnkYdAP7icR_LtvU10NIpQwezyYIrjZtnFNG5FdxTJ5bc1ipkNwvdtruXhcHMUDFhxb6cwT3-yoa51GsERmSK5m2nJ7XtEcHPaxK4HWRPx326kHK2ECCXdsp1CG0HyNFAT_LA1K2l61NnQraOb301hc6mKIhvfh4xa8iUFAmZ0NO0VoyIdL8VLNw4fOI0QKfqPBl5FSGjLmMssGSPCUl7GJtAhJ4xyBg8C_jgB8x_sV9Fu0fkMYibHG4dWqnRz0bqeRfdk1wgTt-qxZnoP1Ozd4iCO2xpbwMLKLkTc4Lu-ByjBywJEh-5M9TMTPJ5C21QiXOBL9izb7PvX1-_r1IiynmSG1w7sAm6eNEZadIdSfu3O9stYfaSckBbcn5xY15JLtck0YsSOtA3bes_sFZrxa1jVtE0VIbxxTrQ-xoalx98eFu8bGpgVQce3hvcU0TlGsclPJJfhwRvv_MpunyiIHMvV30BxLEFCtbFA16xnimgy26dVCEOWbqiU5rTEgdcqif_8uHTDhbz2tjfUEpBZehYbtOx6BRO4-E4l5sQUorzLnt16idz-I8IA_4wuCS4PDw-Yg-MXnpOq_uQhTBaaoMDo_MoYSIvbV_ilcv7xky1QCOCsFYo-tS1vzSbCAxjO7wGf4QoXYE-sSf1nU3er-Fq54gMOTCaSnxbg9AwimuEp52zLDFHxYteduSNPUSlARMhkimH4CRZtrpry5cqj8CzEcWKIds-trLAzw3VCPTSHIB8zxQHL73H5BZu3Yc1j612b2Ul4lV9Laadr9ypTrDOX3SQn5fIX4TugjHgUJpdM4XpGhQVuRHKMgIWMHHgtBmfxHjs5zSvR0xs8D0OKSDNDauGf_ikaVL5z9oFqCN3f8ggoVtuMmLruy3P2VEYXCyBdYnIOI7z5PhArLrOentqguP4hKUQdJUEdmJ2ErFmSSGP5mnVwlw_nU7IyAgEXquLC90-miOzjLGa5HGm6lDjzgGxrmXhBisJOMlHFWweHCM6CYvesj07R006VyzZuS5YB7QtSGl8cNyEMY_cidqV7dS6yl1zPDX7Hz96Xbde3UZUEVLgQ6pzJp_U-IcSsNsjNxP4Ojug4bMyhoSyiJup6LWquj0tNDi-97KfoRvM2xYnxfONklhplncdgAKGpuXqjX2a9c27-cr2Ipj97jupvkxXC4I5zHCBiUcq_3nytXmvAO0G709NzLq7u2WKOz31xaProKMM37W3El6a_8BEDmJLGCMkQ4JLUO2n_iPNPsE48oSo1ynBAzfFXH64Jy0QE0Y2P0W7fjqBCEeIIZg2BQ9dhp-a10MSOwvjYSLEBPftw1cLx5z4KoF4R6_Tzz0VLRnhv_ZNrXA6hh-XIwBST7Mpmbtgs0WdXvreon1CEHjPpLmsCRtOU9v-YfdCUJnuz3tBvskapty-rLlM8V1Ct4ooZCggcBdOGz03lEOqMN6sONIfVUHApVSosQxyShLmr4Zn_TBBAi6Pv4piSqNV6iEf5zRGUhSuvLdDsy9Svfj_i7UBmVidU09dsafa4fKBhDvYNpFG_B0rONYf3CQbrRhT80RFq5Dqa4mk8YbxnjayEFawhsGHE8VJt2ZUS4-nfc8U8Ax8eyH7-wIkKIWcETZ13xv5HV2nZlqSDd_tdQbdQkJjUOM31efb2wmUN2X5sy6duzjFdI3Z51IPQF6dyncdu_s4tmkyUMAyWfX_p1Lf-2q_YxLWdabiVqlE2JHv4fY4Rd1IybwJPYaW-z6UQezhtfejgXNgU3MTMmNtm5iIYxCa1MDu0mWAE26wH6ORuR1K2t2rVlNtbXAbKr_3mARHPFD1xFWNPZK59r9HhOUpVEcwasXJpjn947ttmaZ62eI3h8syVrTj46WR4T_cskxNx0BKRWCz1wr-5p5rua-TQ6KQ8udnEwpd9-SFkUFS2Yyn0sOs2r7CSSXqKY_b3WMHad_o1j3D_xIidly6IiUrYzhZDH8kuuTHcQ2A0DxEhY7FB5Sm_ozG4RnQdIwL8KfNj0N2s-4Txdu4g3b0BlVU_5EJZcn_OLUl5e3sZbgicHY5sXuiZ4oexF2RuXTZMHv3ocvTMWiHzjCGxytMCvQagx1Dh-2NfzWYCKxefllx8SlLYVS64rZQMHWrP3yFmMHYihJJhcHQEssMissWwLv0w7E6CBHT0N7x92A_NP3sZcHWPzyXxIEcgcmobxbcSHwB6oLp-GwEnJtuovDZgja9En2njwtNOLbGgTzkv8ya5L84aDj9JLYr-vxhUGn_2ghCrFTBrpxSjlN1g5ert-ZDSwW76Bsm9pYv70IpsTBHau9fkgTYVyFYxAfLxtVoUssmqvMeF43b1AIPM84cKoXqTFPZTKOErbaPwDlFpwrvzfPrwOxU5Ddvujg4-6O_vq58YqhrqtOvJDtYEFDMd5ETSlTzFZUBDOSJL7Da4DjlPPlL72yZJqsC0_oL5IyIJqo3-I4E8bOsbBf6Ay3GXcPqYOddzCTMX3u6MyNl48NXbutwkHK52axnjKWf05qKp7FthQmIEzSeegkbBTIBKHkq00McrTA7COooXGZEz0UJ6ya5Gh0gZPUhGIueOvLSJmm3VHsHrv7uuVe3MQcP8Dw_0Ph82eoOKyVMrykgtfkmd7rYmWhBhL4eYz6WA3XeGbpuxFN6mdSqFUBLBQKfJqUZJSlojgLdJBsVDkuIH3FooGywAAHJWiqLKxopYf1rS1jL0qD3N1kkro1DphKC66nQh_sE1wcGiAmDF6xw06vcWVSuaVFdIs1ycRT-r6h-ZAhAcvKDk78TGQb0R2YTZdi7lv-XKxhl6EkGsbgGaTP09_eg9HgF2fE4NtlNMT-JWugys4gyhHBVX0jSC7YelGRuXOtHgyvUQ9REXn5V7BYjlHPPBtA4fW-jl0c8mTlAVVUD9rqalCGtudDg80n3vYVKPYfmtCaUz4WdsOFBzoB86g2mdsosXIRo9Dpmin7GjueJAiBn74NP29uBxllurpyycdvvfQGELRMA4ynyVtR3movNvzZ8QATrfii3dLbn252zGI_9XJEPVe2hYhTecVyOpAUdrBFOgfAEjYcep-NiVAdE3Gd-HGFYZ7W1vDbCvBXAcJYcBCguNMyAGZI4QmjPyZVaG8hCenmCu6_iP8cLLiHB7lh8EGdEhHCzAPUQb6UPuAyr8HmwOw8ixvSd0w0QJz3H0Rwj6GYwnUhYKmMd_6p3wINex8ST7r1gbSsZwO61nyPtnZXAEV6cGs28HQ60GzY5-9ap8d-wXMV3PiKqOziggLqJMh4W47QtAm_QLxQnms4ILB5He_n6pXsLraRGWpbep1_c7SWx9odnelKCj4ytoaUn9xTGYtNAnvuUqZ9eGtG0FfyLRDnjBbh5joRsAKWAszFkFWTPnHN3VXUkEvVpPZIsrhMlK6JajICgk_n93QPybwXjVNLZYCm3PsmaEv4aDm5aIN4mJRoicFbMzu0p2OTLGdKGScQKQut_Y0Ka8MGY8dCOpBesl8WmxKFXpdW8F0Un3qL_AExHGSrcS2y9Ir2ruDvf-d3L7I61sr0aOxYerhegjxUDzi3n5Fwtpb3JV9dhjgZ-XgkdLhjBUA&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=18147356951416574000&adk=531095043&idt=261&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 58E0 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCRMcN64ivYyiJQMAyRHPbuDYlnMNjAS1hpL-vLOfyEkFb2zpLBSstMBzoYJPHHRaEMomsJOgO9HiFwcgUPzdYua_3Kw5wPNIwy1XPFNkJjRYzjrw&cry=1&dbm_d=AKAmf-DD9ervDhTpDV0ZkyKZlAVaVJH6qsFHX6BGWxBNg3NUsiSPMywz2cQ-CXcbsiRE-nzTOIAhV0myt8aBwwp95Jmzw1IY5ZbXqpez7tBHguGgUrISDeVmfVfCiQnUXBGN-OYXFW6H1haMgB0LX60Cq_kvVPy39ilLxv_C_Sx70zIXEac7MlMgWRh6l0_p2cub6dODT2Ca34sxurP9ilRhNP11eWVJtvsNYi4cdRnmOFhOsGrhYcKWGcjaaZCadR0qtRb-gE4yzCNLoReie3-b4vtsnkYdAP7icR_LtvU10NIpQwezyYIrjZtnFNG5FdxTJ5bc1ipkNwvdtruXhcHMUDFhxb6cwT3-yoa51GsERmSK5m2nJ7XtEcHPaxK4HWRPx326kHK2ECCXdsp1CG0HyNFAT_LA1K2l61NnQraOb301hc6mKIhvfh4xa8iUFAmZ0NO0VoyIdL8VLNw4fOI0QKfqPBl5FSGjLmMssGSPCUl7GJtAhJ4xyBg8C_jgB8x_sV9Fu0fkMYibHG4dWqnRz0bqeRfdk1wgTt-qxZnoP1Ozd4iCO2xpbwMLKLkTc4Lu-ByjBywJEh-5M9TMTPJ5C21QiXOBL9izb7PvX1-_r1IiynmSG1w7sAm6eNEZadIdSfu3O9stYfaSckBbcn5xY15JLtck0YsSOtA3bes_sFZrxa1jVtE0VIbxxTrQ-xoalx98eFu8bGpgVQce3hvcU0TlGsclPJJfhwRvv_MpunyiIHMvV30BxLEFCtbFA16xnimgy26dVCEOWbqiU5rTEgdcqif_8uHTDhbz2tjfUEpBZehYbtOx6BRO4-E4l5sQUorzLnt16idz-I8IA_4wuCS4PDw-Yg-MXnpOq_uQhTBaaoMDo_MoYSIvbV_ilcv7xky1QCOCsFYo-tS1vzSbCAxjO7wGf4QoXYE-sSf1nU3er-Fq54gMOTCaSnxbg9AwimuEp52zLDFHxYteduSNPUSlARMhkimH4CRZtrpry5cqj8CzEcWKIds-trLAzw3VCPTSHIB8zxQHL73H5BZu3Yc1j612b2Ul4lV9Laadr9ypTrDOX3SQn5fIX4TugjHgUJpdM4XpGhQVuRHKMgIWMHHgtBmfxHjs5zSvR0xs8D0OKSDNDauGf_ikaVL5z9oFqCN3f8ggoVtuMmLruy3P2VEYXCyBdYnIOI7z5PhArLrOentqguP4hKUQdJUEdmJ2ErFmSSGP5mnVwlw_nU7IyAgEXquLC90-miOzjLGa5HGm6lDjzgGxrmXhBisJOMlHFWweHCM6CYvesj07R006VyzZuS5YB7QtSGl8cNyEMY_cidqV7dS6yl1zPDX7Hz96Xbde3UZUEVLgQ6pzJp_U-IcSsNsjNxP4Ojug4bMyhoSyiJup6LWquj0tNDi-97KfoRvM2xYnxfONklhplncdgAKGpuXqjX2a9c27-cr2Ipj97jupvkxXC4I5zHCBiUcq_3nytXmvAO0G709NzLq7u2WKOz31xaProKMM37W3El6a_8BEDmJLGCMkQ4JLUO2n_iPNPsE48oSo1ynBAzfFXH64Jy0QE0Y2P0W7fjqBCEeIIZg2BQ9dhp-a10MSOwvjYSLEBPftw1cLx5z4KoF4R6_Tzz0VLRnhv_ZNrXA6hh-XIwBST7Mpmbtgs0WdXvreon1CEHjPpLmsCRtOU9v-YfdCUJnuz3tBvskapty-rLlM8V1Ct4ooZCggcBdOGz03lEOqMN6sONIfVUHApVSosQxyShLmr4Zn_TBBAi6Pv4piSqNV6iEf5zRGUhSuvLdDsy9Svfj_i7UBmVidU09dsafa4fKBhDvYNpFG_B0rONYf3CQbrRhT80RFq5Dqa4mk8YbxnjayEFawhsGHE8VJt2ZUS4-nfc8U8Ax8eyH7-wIkKIWcETZ13xv5HV2nZlqSDd_tdQbdQkJjUOM31efb2wmUN2X5sy6duzjFdI3Z51IPQF6dyncdu_s4tmkyUMAyWfX_p1Lf-2q_YxLWdabiVqlE2JHv4fY4Rd1IybwJPYaW-z6UQezhtfejgXNgU3MTMmNtm5iIYxCa1MDu0mWAE26wH6ORuR1K2t2rVlNtbXAbKr_3mARHPFD1xFWNPZK59r9HhOUpVEcwasXJpjn947ttmaZ62eI3h8syVrTj46WR4T_cskxNx0BKRWCz1wr-5p5rua-TQ6KQ8udnEwpd9-SFkUFS2Yyn0sOs2r7CSSXqKY_b3WMHad_o1j3D_xIidly6IiUrYzhZDH8kuuTHcQ2A0DxEhY7FB5Sm_ozG4RnQdIwL8KfNj0N2s-4Txdu4g3b0BlVU_5EJZcn_OLUl5e3sZbgicHY5sXuiZ4oexF2RuXTZMHv3ocvTMWiHzjCGxytMCvQagx1Dh-2NfzWYCKxefllx8SlLYVS64rZQMHWrP3yFmMHYihJJhcHQEssMissWwLv0w7E6CBHT0N7x92A_NP3sZcHWPzyXxIEcgcmobxbcSHwB6oLp-GwEnJtuovDZgja9En2njwtNOLbGgTzkv8ya5L84aDj9JLYr-vxhUGn_2ghCrFTBrpxSjlN1g5ert-ZDSwW76Bsm9pYv70IpsTBHau9fkgTYVyFYxAfLxtVoUssmqvMeF43b1AIPM84cKoXqTFPZTKOErbaPwDlFpwrvzfPrwOxU5Ddvujg4-6O_vq58YqhrqtOvJDtYEFDMd5ETSlTzFZUBDOSJL7Da4DjlPPlL72yZJqsC0_oL5IyIJqo3-I4E8bOsbBf6Ay3GXcPqYOddzCTMX3u6MyNl48NXbutwkHK52axnjKWf05qKp7FthQmIEzSeegkbBTIBKHkq00McrTA7COooXGZEz0UJ6ya5Gh0gZPUhGIueOvLSJmm3VHsHrv7uuVe3MQcP8Dw_0Ph82eoOKyVMrykgtfkmd7rYmWhBhL4eYz6WA3XeGbpuxFN6mdSqFUBLBQKfJqUZJSlojgLdJBsVDkuIH3FooGywAAHJWiqLKxopYf1rS1jL0qD3N1kkro1DphKC66nQh_sE1wcGiAmDF6xw06vcWVSuaVFdIs1ycRT-r6h-ZAhAcvKDk78TGQb0R2YTZdi7lv-XKxhl6EkGsbgGaTP09_eg9HgF2fE4NtlNMT-JWugys4gyhHBVX0jSC7YelGRuXOtHgyvUQ9REXn5V7BYjlHPPBtA4fW-jl0c8mTlAVVUD9rqalCGtudDg80n3vYVKPYfmtCaUz4WdsOFBzoB86g2mdsosXIRo9Dpmin7GjueJAiBn74NP29uBxllurpyycdvvfQGELRMA4ynyVtR3movNvzZ8QATrfii3dLbn252zGI_9XJEPVe2hYhTecVyOpAUdrBFOgfAEjYcep-NiVAdE3Gd-HGFYZ7W1vDbCvBXAcJYcBCguNMyAGZI4QmjPyZVaG8hCenmCu6_iP8cLLiHB7lh8EGdEhHCzAPUQb6UPuAyr8HmwOw8ixvSd0w0QJz3H0Rwj6GYwnUhYKmMd_6p3wINex8ST7r1gbSsZwO61nyPtnZXAEV6cGs28HQ60GzY5-9ap8d-wXMV3PiKqOziggLqJMh4W47QtAm_QLxQnms4ILB5He_n6pXsLraRGWpbep1_c7SWx9odnelKCj4ytoaUn9xTGYtNAnvuUqZ9eGtG0FfyLRDnjBbh5joRsAKWAszFkFWTPnHN3VXUkEvVpPZIsrhMlK6JajICgk_n93QPybwXjVNLZYCm3PsmaEv4aDm5aIN4mJRoicFbMzu0p2OTLGdKGScQKQut_Y0Ka8MGY8dCOpBesl8WmxKFXpdW8F0Un3qL_AExHGSrcS2y9Ir2ruDvf-d3L7I61sr0aOxYerhegjxUDzi3n5Fwtpb3JV9dhjgZ-XgkdLhjBUA&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhealth.grid.id%2F&ds=l&xdt=1&iif=1&cor=18147356951416574000&adk=531095043&idt=261&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4003
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Fri, 28 Apr 2023 13:45:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 21EF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47677
accept-ranges
bytes
content-length
2358
expires
Sat, 29 Apr 2023 03:00:17 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.grid.id
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.grid.id
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame FAE6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 Apr 2023 13:45:40 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
impl_v95.js
www.googletagservices.com/dcm/ Frame 69F4 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
506074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 17:11:06 GMT
integrator.js
adservice.google.de/adsid/ Frame 0A3B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ads.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A3B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ads.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0A3B 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3879938248148347&correlator=4042448705436841&eid=31074171%2C31074188&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=31800665%2CGrid.id%2Cosmjixie&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C320x100&ifi=1&adks=3579204481&sfv=1-0-40&prev_scp=Pos%3Dosmpassback&sc=1&cookie=ID%3D1a4810d8d15c6188-22dfdb3db2dd00dd%3AT%3D1682689537%3AS%3DALNI_MYURltY_TFZeYiXcT-MAj1U0KKY0Q&cdm=ads.grid.id&gpic=UID%3D00000bf1aa6867a1%3AT%3D1682689537%3ART%3D1682689537%3AS%3DALNI_MYunnmXmUPC4HTjOJYBd5KQ2dQAIg&abxe=1&dt=1682689540327&lmt=1663307405&dlt=1682689538905&idt=1336&adxs=8&adys=8&biw=-12245933&bih=-12245933&isw=320&ish=600&scr_x=-12245933&scr_y=-12245933&ucis=n9z8loqk51z0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fads.grid.id%2FOSM%2Fosm-desktop-grid.html&ref=https%3A%2F%2Fhealth.grid.id%2F&top=https%3A%2F%2Fhealth.grid.id%2F&frm=24&vis=1&psz=304x584&msz=304x0&fws=256&ohw=0&ea=0&ga_vid=1569870539.1682689534&ga_sid=1682689540&ga_hid=756383154&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
456a2c4bf0326f0bc407ade3ff759d2cce698028122cbef274da51e06062f078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9794
x-xss-protection
0
google-lineitem-id
6144825015
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138423982324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ads.grid.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A50C 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ebHtml5Banner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ Frame CC52 		306 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079147273&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCfDOTAc5LZN68GqKR7_UPq4iiyAf6q6KVcOmpnrm5EfiFhZ4LEAEgytbjH2CV4pCCoAfIAQmpAsvnIKurbbI-qAMBqgSIAk_Q63EETf1Wf2rtEzRaDlAogLi-IMF4Ooda86WFUOTgtcedo6GK0sGYTz5OjadjQv_dSJWYz29qFgZNXS-AsmtyRUrybh4hocoiy25ZI_9r5hLy1K05NoDfjb0z9GUM2agWgLyWEa5GEekWshoustY27GGX1X7X5HKLle2SuTaK27u-EcsU0QP96xMgCyJwk0E0A7FgOeD4DwcKx6rTEqT3UzWlcb6Prii6O5DAqZSGiacW_cX9MH1PhWvetls6wR-bH30VrwWw0l4Uvg-Gr_0ZNs9_gEHxPHJMD29OLHQPCf26Z2NVN010D6zdS6s3reK9dNhYVG6kMT_wHU8k3pe_THvp-7VV_8AEnK-RvagE4AQDkAYBoAZNgAeL16yLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE6ftlRPYEwrYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE%26sig%3DAOD64_2mbEy9ZNln7YpeR5GUxwzzvp1Ytw%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-BIZKDpbp7LS9BgdgD_mQLqfYOYfbm07Ig8GIqAGNkDZVtLUgEsiP31dmnuLzpB3rh5Lnz_PGl2Sl1-D40ay3OAL5P4zfQmGn8kVyidYgOFLRDeSqHZBwstC46GVGQoQycmSfT0cLwuukC6kSDKVQfC7rvfxwo7H8EsID5vJzU3NTdNcSw%26cry%3D1%26dbm_d%3DAKAmf-DxbzoFRELfH9dQdagUr9qafznHbooUq7YzOlMwX5OxEubKiTXETiHgaX-rTYkSr-lKeyz8_F9qIWBDcQFVwsXDoFelVc_I_rBobjE88RI1y766ndnsVSYGgeDlRWHEOjC2Xd5nbVAXwmR8dqK1ph00pHvP__YSAfgtc80vqgeg19u3O9BhCRTstQjh-OLa7wbIzq7TZC35KAHDbl40R8-5jH_obm2HkUYeESabFnXq0lkcIpdIPk14rQPL599kurAwobWG5WboZH_THvK78YN0AkDBGTGIv3-c7Hrg1y10mLWrqSyFtRZHSNC3L7rTZsbDBXtDZ-e3yq8riwddPr4h9gfc4CdjT9XnXMx-LtSauz5LqgoU6iRawK2AnUNiAQ25ZRAnso9veKTgGv2JVk6XVp8fV6W2ik7u4gPLLrnJmZ-eFpzvyaEKw_Hv2jdx8NjXbcvYeJrSasXNtzEiVuYe2CUvRe66_s7SpkGVufh0ioKM_J2A7lk0BIgP4-xkts38wm-VAFMKcstfDDYLzW7syQWVH2DgbfKZhdI9iriZtwkhk6Qx3jDv0O4sCay5dPlkGTROMDFi1z9SjnlEOtPVvLfnuUNsLLZh0mnQh0jTakoXe-U6PcUNbQHu9slyT-2aRJNI6gEMipwlbvrPlLNCje2n2DLb3l5seot-l-vBqkXyp_rSj8mLMCTazl3p6sDwf5O4%26adurl%3D&e=0&ord=1682689537433758&ifrm=-1&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7dd6d65899ac0ff6050221cd39ab804bc4862a6b70428fb93f2916b66c995a93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-amz-request-id
B0T3P8Y50V27ETW9
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
content-length
84211
x-amz-id-2
eJ1M6Ve/AWWIyLaUd/YSzvkboIWVj3ZHYZdE/y6ll7df72D4y3BvR8EANUXbg0B4j1TZbrOEXyU=
last-modified
Fri, 03 Mar 2023 16:06:17 GMT
server
AmazonS3
etag
"e8b8db8f8568f3b4208636a7ad0fda05"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2410971
accept-ranges
bytes
x-amz-cf-id
xH_XHTowjwLwqtpokNdCefWWB1HiMWVj40-NVx5ChdVKQAbAg_2V2w==
truncated
/ Frame CC52 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1874f5a1f165d0a588d8a3edecf3eb281e4530e4db0503e783780b734cf02dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 2292 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2269
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8FBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGebx-JzqH5bdRdfYLtdsHH6tDaf8twjSYdq7h0x_2t8Kz6dDyHkdbTPadMtvjNW_EEfNYE_As55u4kTS2glRnsjg_ah21r8lN6at_6ScCi1yoLcJs3KYfQ_AEMhZItYh7V0c0_G4ygNmaWKdcQiqmWa_yeFFZBtsDNMfyyoW-LM64lnVJnn2TTO24qGDpW1zG39tN61oc2JSkvrhYM54DhI8A7lGmEOquW_rL9A9dCeBYgYu08UOA-dS3pGN_nI7_2oH5NHDgqY1N4VNagxxblP6DO81PZkPtuj1m5NBIhPaVu2JPbm96ghCoFGy04uvzD3C3c1jO6CkFS2HY55aLB4-1ibDc_gPSN7dWO0kL8aypAzNFVhhwnv5ppVkotNDQf9Tc9PwaGmwsleIuszYEP3B3QXDf_xFnbFqRzllp_V6qTv6a49MjtCOlqFemRhTB0TzG_S2hDGYhlKrQykbnAc9DqvKonnRMW7XulfFYfWuY5zFbcC89o9iCri4eT6aUHKbXakPGSmM-R2uWx_ABOzzKUghT1aEXj28wAW7aLv1G_8e2BXBxS-ooZrOKY8ZII71z01f2m53g6akFq29GvOc9vUTLRRRgGvLfRsuzDPcPzKHLi0hO_JqQFWyk05Mdyx4jTaf4iuDrRJs7GD66yr-k2Tm-1ClyXD5uNZm5HDUZBvsrjoWYRaUDNzMnBQQRpZg6BKP63DE-stshRQlyVEJt1H3T06bbpFV-_vSf-80h5VC_dXR7EWicckmCcueUbC-jqNu0qlO9pMTPeJPsSFdWgpysaSX8f0OUY0Nr3Q1cxSb1WgSfucU9WVuXLUdgMFmBbvoswqr0eRTXF4qY1bIGOvX647Hl_OOQVEbgHD0VXQ_4RISqUN36SAYLZAGdROVmSDkn0ZwvA1ZfDwOiFfs4QtbxXCYElW7VfbBGsiGsvCjdDizVcF347VtVNC4w9XxpfVHv3w_uZ4ClAkO2fYrsboF-UpoaYCWQ-b0rlRYYGftSnfy6vC_i1eJ6wNUT9NvSKpzUm9uz5Il1mXHJpw1p8M5Fdi88fgpdTrxFw9RIoKPyIOZ5H_ABj8g0bwjnvdCBCXFUZVHM0QuqTrhdEJjmL9uwQgoTpPtkI1vUJWK_w19L510V_JtJ3DItN0rSI_24Yy0XqgXQot9clhvEc25YI3pV9jloDFG0yxW_EgqLCEuYG2gq_fN07WXJSSKRfD-xV7Y-qfSKYSZJx7t56hvQZZQKL3OCblUuFmjnA0iupZo-NKAnDeEzmJI7Lwqjo4ONgAyioRJCKUowT72nvbdLqnYDJw&sai=AMfl-YRhP-N6HSAoZr4xn0g6dG-eXtO5_b4qmHcDGvZCFEjD6KU0KwCh_C07CxR4O-hGl47wHCxk3xxp6PevBNX7lQuAIqNG82kykXZb3ODJxmc7ufICWR_-Y5DN2bmdOYvBNJWxORCL3JBmkU3Bu4oDfkZwDwyUd6YkAxhVMGkfl9taEv-YCywrCQzg_qu0KM9H4vXcHB4ddzy1pONLtOVJfLb_Nrng3OUErdo6M4Dqp-VAT7TSxc7l12qZHNEjV76MeqDkgJy2Dru28g&sig=Cg0ArKJSzH4GG5IC17tyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=463&cbvp=1&cstd=456&cisv=r20230426.49017&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame FD84 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A864 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssb6vPOM0NLhrwgHV_oIGkjarsl2EpvNS2ra-xqVm6w4RrgbzmIZD9c-hcVmJAr73Ef7lVJfqCo92ulMzyr5ybuvrnkY7w0NG8X5ao6CChRicGWzH3lYWFRNPGYLDSd8ZSnOhjdVYej9V3pomWjmoZFwFB91aoZCs2TML3aRstmnxvKyDAV4yHn_TjALLK_N2L_s1LVJC2Jnpj_GkNX4SmSfgsYFDDiNdbFLD4Mc_COTPt7icdcYvdIyHqUfTHVMkmMVis3ijA6N0_VJWOe-bOCunrfJHj75mU1LdvtTDsMju6nFhkRpbzsTop2pyn7f_iWFDP_QWZFl1wPw0jcNyM_5xL80KEw0uYoAVWtAiIuZ4gYumY4aKFCh6BqbbRIBUgKKxgfHUENEs449eULZMujk28Pshv2_4buzIzkMLEC8yXZ5aLFjRE5G_ESAJmJLXvSWKJGjnz0KsZrUxjt5YVdvuYP2JWTrHLOntBr9SLGVYnMFwY0C-sUfcTt5m1tSIdaGu0u9OjpsW4WKwQX3qoNBc_jtPnhhSPZokw-LL60CByxTVNEqQ2V6NZBvXv-QDPLeKJtswjLo96Jgv5PQ7KwkRTK2iGVxPa7rX0OsBjX_YvqA3jv4hqc_j6s3OCUvDOZpYoBwBGFf4Ts2mljlM2IhpcpVJpeQvc-V86v0yTwu2Nv0nBCZ-JzzW0W7Fs_7jyf2D5IUX2no-qSb5asbMeuxbx-TQUZCoUk_DpzVAb0JrujCF_gaWEN0-ulCHEvYp0_Ig3V-PazKfUjq_gIVoKruCPUtMxPjIK8YjaOcNbLxhdu6DTolVw182dsuGJwDPVQaXi9WLn8G2sVZPuu_N5iUXNhAIKYJfElS0h5RXEnbV__QBocE3RMR1jtZCaAOxGQbga6oXO4L50uNErgaGQKQf-ymtnkGvhFSudBpg3Thyr8quvyRUBdDcsZGvQGQL7b3IIK0Ynfw4QGqFvRNbI-gSPPtHP_CfmUREq4rzYpW5yNW_iVxShVpUuC97VB2Rs4fyfUB8niRYz0WK9ceXla2qb_DqoiQm3c5vXi6JwSQC80QlXMP1B98IaE6uzX4JIF9Pfh6N_spY9Qz_R4a7l02e086JoLETtcgLsL-Q8MnHD5LAOmhTI6JIaijiHisDQERoIabS1F0xgddgq3E8un9FxjwIBXOiUnU4eDWtinFs6YM8Q9SeJkXc4BRIjf4HvEp2J2U2mQ26WjvbXs69PzWklfbB_r4iU7QpvSthVhoksCfNTtf4o6ddMjIgpMC5P5OAqXAoV9&sai=AMfl-YSaezqgIaNe4pnDxpuruqCL8XKURv5JC2zGqV7YkXXInCryI9hjnwWzw8Ij3gmEK-bWpN6T4FcwW6QvMrnpM0VwKohrs1hoRhpqk-zACdrfl3ms_wTOYILk_L0KVlzR5i-4U1bbk9fXoYGeTz2XvsK46mQadd5TSw9B8iZPHT0VmRfMWoT9_4lJWsSYmLxHpjid95waD9VZMSx45RKBcTwxLcv5oI99OGfkc3UwJPaxdENFK9vizDVoZuGa_O4TTMwy18ABIMGk6w&sig=Cg0ArKJSzGLQbdn96ObXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=439&cbvp=1&cstd=418&cisv=r20230426.60191&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
index.html
s0.2mdn.net/sadbundle/14392016886954669725/ Frame F099 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fcf9ab6d40dae8ccdb14001de9f88166f017e719830277e869cbb73baf400f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2272
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6E0D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR0FTlJ9GNkY0IYORbdM0q86OKNDEpuCNz2yWkJXSKcuC0xEHMk4Zx6y-oIeNKeryhguMVEHEbctdxlTieI4xE5h4iofLNh4KkKdODEZzdKLV21ZA70ns5kKXrdIuRjKAm-HSSG9kvA4oASC1_luEbUHc-kS1NiXS53C4Bu7RnXMH-DEwvNbeL9TgWpOYSkNykwhIMZLdxuRCU4silHA6JcgwtWyYz5xI0VGOJGI_z27q-DHzf2RFouIWhx_bZ1Ig7iNcWSXAz6N-HwwTUzVNmf3ZoU1JKJ5DMbSD6wEILmU8BQxzVN4TpcTeI699-mTC_1hIGjiF3AsP39khmNfGQRqsDukWbyE9F6YHOPbFTq2jUt9B8HLMYli1JdXhtm-x0uASWgV9Atn69EzV8haWuen87VtLsc8desRTkLAvqK1h5Lv7wM7m0j9e0x78sUjW12NRYfu2utCTP_OW6rJQhIZabJAs_RVt3r2vVjb9Jzup8i8OnnSpCglBS8TXTZSFkT3dYYq0HNDqnqp_UJfjImEziHrYuPLlzJDhuoANpQs-Xf_2WnRX1x3XQoAy7ZGGpv0aoPvejRKGOEPoP5mvcRiqRG-iDpij10608Qr48eYScnBi5lP3Lls1IP-DZYks55gRm3ao17BBGJ6Kt_lu9WijNcW3s3DNQ5visXjKLN3vv2k4LlXcseHyVyfbB5JBdG-ngSdscH3R7CNoBRPM74SgmWuxrFY4UHN4uKz_E-MlS7NiymXJAB3hMiHHz0tgEPRbu7r_RWqeaiNkeuG35VYTdiVn9y6mLy84yFH1aJrFvqeT4v6qlCqKyBD0drVnR2YYZeFF27vsHM49Lac7iQoWj245QQi6I1qc_T5UMSRnnOGMFKlYkfgP56CYpL58REnthb1kNB7co602AfiapWMr0rcho2EfFczLfzAh9uJksh-2AIzOOq7KEwkMFgcYyCyX55A0ETdKFnVNKfOP30q8RoUAEO80I8FB6Glx9JRJEayOiEo1vxBhbcwjP_h9oFpGvGvX33nK3uSfp9CkkJ4iWOWfVzhHdbeVCyhM0xNUXAs_DvL_aUmiJ1rqU6tzFt7hQrA_Ohtw9Be4CAv2YIcXMyTqgnGEk-feHqrOqRccxAjSAl11BoFqC96VhP1w4zHm8Ejfsac-E1_gtELz2jbnzWyS4QKxQPVGElzpxUsiZFORsSei2qJ41gHGgSH0fzjChZeOe7HnRYZ5e8SoHHrSQEQmlobJSROloK7dcsKEfaEu8pfe_tforfg49xqQww1yz60C00Clb13jK76xTbeK8Sw3PnkM&sai=AMfl-YRYPBjPt7OC2wHu2G1yd2NZZPQ5so9hMBmvLm7uXve9xeupphOI-JfByQnkYwOwhRktVXzhmPOTpbe8bkUNVYhBfkWHdtTpi9JQu9djXHfklMPQgRNj66uiPoV4k4um5o5TBOPQ45ugv7uF0_IS3X5P_dx438PlcMDZd-iy6BEW_2y_fau2gSk3FtlmMl4aM-34zAWks7K7gKrffqLAwT1xbPSV88j6xAwszl4L_jQa77lifWezMbWRpLm-xAz5uo-j4ym0jbj9Pw&sig=Cg0ArKJSzIiD0tRcIlbDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=430&cbvp=1&cstd=425&cisv=r20230426.98685&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
index.html
s0.2mdn.net/sadbundle/14392016886954669725/ Frame BB1D 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fcf9ab6d40dae8ccdb14001de9f88166f017e719830277e869cbb73baf400f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2272
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3D01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFxFKRzLEv6D0R7wIxlyilBmBfRmjuQJcWSiMasDI5THVXut4786agrAwonRbNx73rwedEvbV_bUpq4hcDta6bNFL3jiXzRkgKkYIg-vkgkj0im9fjmX5g2osULqW_fVfHksWrEbqrtwiPNf4oZFSt4_ieu1G43cf0KCNj0nNDI5biWh_jmdtyq0FwDnnL0kSuoMJ-L355qFsDHVZkwQgNH1cjIWALQE6MOuJTAJ1D0aHIfJAPMY_Hk9ZwdTQX4HhGCqAhmGFvHcn2ljH_3aizTAztTtTKoWegtEj-jZJTwHZyOFJGujsCZIYy10eVvxC1cl3fkZkngVHbJPKiGbsMM6CI-qDO9t-Tc2UvYRgvYx8jJzIchwyb_BdGxmpaEbmhqJOPsrEgoBDdp2p8jZxrYNTwDto-em8IvGngD8WhhYTBa4kKeeP_50NwAo7GqrTcGsCduLugr08wb-frsRHJD1DsHsW2750c_qr3uqchEp4mMFXHfcY4b1-t44QHHQiT78M0kwYQrtcls9NJKbMKKS6j97uLXtV3WPVfWL-g9LMW72uD0VgUwGA4CWzM7Aip-lZ-jIupJ6bmKbZVKMbs6bslxY6D6uiyUO2TF9oHldXRU_Gz3ZRb9ARuRvci-3qJE5CaQYhWAAAvhHc0pSz-7BYB8tfmiRYCT3PC7DOYMld0bZPXaEB4S0Qr3zZgGvtZO3fhcWelme2baZQG6MHoSeEseVLhIxVeVRWn-sJwzlBt581_mzyTnUSCfS4rHrNP7uQ1KGLwFGqL-NDn6RBqe1ogIVJdq-twGdIxs5JRqIjHAkUsLfDp95WJaXasjnhpjd5GvfQ45qpl-nuJkwpFzjkbglCE0IM5SDkQZtI13iosatERgXAxVZ9R-r2Pq4AC7XqQmfuzeZEM7JNvjtjd-eRjuRvlRiLqgmWcTfvGNXU0enpzPlOog8Z9I3l-Q-JlXrfR0Rr3VnjiJVVR2Pa4_md4BdQymlTW29L4rC2jLuTXmGktQhP_IcQuBBaOlW3aKpQpmvtbfl_o8g9yzIll9yvwFkJ-MQ-zmXabas0IiZGjaGwPSvb9hFphopHF7r1mS1mpzD-yJePPVc2hipsQXzuK7C1DMyUVIqS85dkbE_A75RUaWqtVMIaav8GWk6JZqENRHZHKoNEEUdHHljTbIx14r47jom90a7wzSqA4395SMdqL1_RXT4HduC4enswsq_raYf_4h1WcO70mGx49v5TdlChdVnkYoxOJqBkI7GMPFEpAoT6KPsRJojmiF3fHuIXKlr7b7hXgcFwzDLzyk5MnSKH99XE&sai=AMfl-YQt0PtXyk4-oAKnxTmLKnra7zhvOlI6eZ7UtGA-heTrJqqj_XIvmAQFhqI39GTv7EpY2uA_zjDMw5g6zsp3gyjTDg67_ER1385K_F33APlIWotL6UoaQO88fO_lPZsD6pJq6moQu5B2uD_ssOoGN8czYWoPu4aXKu4hgelqN59DxrsyuCIvuqqYE4zdXNvAw8oSHu2-CJ8aMY5zPhjzHFjTHsOTSlKl3uQRK0oNEJlAPVE3lCTd1sY-4-JNOYb9OoC-Uw8MWpwTbg&sig=Cg0ArKJSzDJOwovItxqcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=421&cbvp=1&cstd=411&cisv=r20230426.87337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
/
stats.mainroll.com/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689540266&pp=pubmatic&ev=xpf&id=vcbl_grid_outstream_desktop_always_float&et=LineItem&cid=0&pid=vcbl_grid_always_float&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&hn=health.grid.id&sn=13
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
0lNnIv2qurmGaJ2UPUxpee7mJWRp42rTooTh1mQxtrovgsgFL2Hnug==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689540267&pp=pubmatic&ev=xit&id=y59ExBJ7Hjg3&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_desktop_always_float&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=0&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=undefined&hn=health.grid.id&sn=14
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
y7y2p-_9btZRjNz1RWcoJnDm3reYnQvwScmCTM9xRggkA1RAZJ77DA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689540268&pp=pubmatic&ev=xpf&id=y59ExBJ7Hjg3&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607641%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D0%26gdpr_consent%3D%26js%3D1%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_desktop_always_float&vastid=%5Bunknown%5D&hn=health.grid.id&sn=15
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
YGnd3U0dN4CpjnGTVPG6gtZ0sf122d_sB1_IVQpO1FgOiqRAy1cfwA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22jTR5KmA4Hx7w%22%2C%22%3C%2d%22%5D&ts=%5B1682689540279%2C1682689540285%5D&pp=%5B%22pubmatic%22%2C%22%3C%2d%22%5D&ev=%5B%22xit%22%2C%22xls%22%5D&id=%5B%22vcbl_grid_outstream_mobile_always_float%22%2C%22%3C%2d%22%5D&et=%5B%22LineItem%22%2C%22%3C%2d%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%22vcbl_grid_always_float%22%2C%22%3C%2d%22%5D&pet=%5B%22~~02~~Unit%22%2C%22%3C%2d%22%5D&at=%5B%22generic%22%2C%22%3C%2d%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&ar=%5B%22https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D%5Bplayerheight%5D%26vw%3D%5Bplayerwidth%5D%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3D%5Burl%5D%22%2C%22https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan%22%5D&hn=%5B%22health.grid.id%22%2C%22%3C%2d%22%5D&sn=%5B16%2C17%5D&sdk=%5Bnull%2C%22GOOGLE_IMA%22%5D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mZV-EdkXTD09rJkX_C7CyB5L4h3pV_W6imLRzyu2xuqdT5Ygn9Bpkg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
160x600.html
s0.2mdn.net/sadbundle/5793540040533475328/ Frame 807F 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38cd707764af5e7610feaee1542d30cfd86a74d0eee75df12aaf6b1d0ded65e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Wed, 15 Feb 2023 15:29:42 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEr1ZQI-DNCONhJUsMb0tN8MswaF2GKmEQdY20VQVHf2kL6mNc1rRYtC3mrPtIqm-MJQOn9gxDZH9jo1vggIBrUD0uHCMjnlkNT3hPwXtTCue4Tyv_BHsjQZF7W17Nu12fnVdxHbR4Ge-cuh5AVijlqMfuTNVU884MnQALpbcyy2mzatZ5e_zIDS2guH9f0g0v5kH-QXMO0MEJLD_UsG2WKN6bebo62C5SQBE-sVmQQxKmQfaCXs0XsAY5qNXMHewsj1hgTguwUeczaHteHTaZPK0gGUlZL3T3bzMcI_t_oArBGrWYABQUJNV90dDkCsOg-tI1ZDA2kElo7j3I3AOOmo1A8Nhrj550DkrLD30VsMwMnq0319E8usX5Jy7UCN7erGbP8fRwG2A4DDP-C4RJykBCmQ7UyYbWrwX9n4q-UNXFxuTo4A1BpKN7jY98nlPYFsuXUXGX-dhCPlp-Njh9Wc3bH4Xx9RvE71Rzpa8UrZT8wZ5DXEqvLEVzJZ70WgvLvSrp87H9i-R1iMH6WJ71g2NHCQXjkTQycbxhmEzBX1-9Ui-gjwKkgyTmZ5-aISOC8pG1t4p0JQajLisPqG1UH5vcYL6AgNLf76lscWC3CBy4Q3CXiktTdZCxL0BdyPTEO-2eWwAsM9qvTa8jqUA4Gm5OlHrfVaMVNCwQ_g2A6qeWWUZ2BxqQrD2vsE4atcPHFDDfdfV6Xt4yN-2vJd3xWTjXw3lArXN78rM2I7wrsPqd_YbKNxqqpap7Yw2_ZduarR3bpSI0_15AqgkxbeFcMNLRO3DzpWLV3lnVw6Eem6zr5QXk_E3VohZVtVK70S9bUbTi9AybFvRk8YWu3eSeWtHuPhAvyY7NG6zeIJlSE42Q9RppWWUF6K6qJYJ-EHCU04Q6ZDjChIaLcVWGIuEa1dV3jZIWhwu1sxF4c8XCtoDv5Hc907_O7-JMv39srnPXuMDhRelORRl08j8-JaBPO9ghzWjmlJwGNfu4msSq_spDx6GC0gZxQAi1b-c-5hwm-XkYx5ipK03Yk9xw3bfIiy7LdQHOCRJXaNiX34XO_MgQ_UpYNHomDQraKupcA07vCAONHCs9NCW43xRsA21ktKdk-UZwSuXVYmoxfzE2FFzoQtD1cYDEJkrnhcngSoIRe3e7cJ7v8aiY-HsqNO9G4oUHL9V7tGPTllFt9E_Lyb6NmBQR7l9pWIeIg8gqQa-ID_xxh94mDdH-LRzGj8ibLl9Q9rg1Q0h7rVKA9OJ8YzFVySrStVyRZmjCKqhy7POpr7JRm0Be&sai=AMfl-YS2tv8eMm62GsZj-HNRKynUtgrZrPl0KfXvom3K_8YcLewapPSlsgBJONRNE9NP18uUz5_wlgZyggRaDBM-VD855iNlrZigL84rPRUk0rfBNaiDlAI6tsg4cbMXBi_jJDVezdvBAaPOCIZ4I0y9q_m-espnRL9_V3rWpSkE5znc7JXDL_PJDUeui21rQ3NToXaKa-eXxLc0jl2AcqJCKYrR81E5RfkqLQz8VyYSOTlLRCAmE7wMH3u3oabpJ3WP7MlokLfXskNZQQ&sig=Cg0ArKJSzN4wzkU8k_DvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=432&cbvp=1&cstd=425&cisv=r20230426.40196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8FBF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 8FBF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0824c87c3bcbc6399ee910c02abb4eb88ba103f4395b1826d7830817a051a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 823D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A864 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame A864 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ef5fcc8b290d6df2168b3d2d07d27350735f27ce1706422e6b6cd50fa35f107

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D01 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 3D01 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c56b20dc5743791bdcf704fce8e445e3565a3e0795436290b4c361af1faca48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6E0D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 6E0D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41db42a288c3babc3a6508928fbc02e1fb16ada9422273149b27995889c9073f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BA1E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6050 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 6050 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
966e35af09560f03c1ecc53c980006942d479d970ce19b5535e1b68c8114cb64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
300x250.html
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 3A4B 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Wed, 15 Feb 2023 15:30:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1D02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslKpMq0CrOFNezn0iFAhHXsSwiC1n6R6jnpeJrh57qmejsIdtlEMejjKqXmW50zgY8rmbJT5P85KI365T8Kv-dqU6VEhvzrG5mQCiC42GMY3Yy_HCr5XUxVCUABh4XSCtuvKEIBZFNaD9wOcPTT0A94bsehfzy1mbT7GlcVrqlO3wLuSbonooO7-IpfguTmzoY4Ms36LTwcE-uWaiqI5RBvib-75x-k7tNkhf2Bxh6Cn0UNzZ5Ag3t1epHsKwGirclrPmeXq5gQGA4ZAnb-jPPD3YfqC2EuwWDYf3dtYMWiHYqp7zQT5t8XS7OpQfTbl5VzYMo9KkpmKO8TkAvQISYaxkBLnL-I6k534bfZhBVhHyi57dhwxmdkFfvxlc43NkC16AX3QUoksVwG2JbtVC3UKPTYDb0nUnspbxlbPRjokbh9NUSZIHctEq7PyeLumshEViPbqOWZ9Xls6CjGLeYOMxEvllJnD4RH8X0NvCWV15LJPoq72RPBfdcITTviaxVWlLswDwCapQlBwKMNv6QJanxgcXjDGxlxT-IW8GermmqKi2sv1PK27ie8znJVjk8wwWY_oCFwwZujX9MxuTgF6EL_SG2L9O8hoEllEmVKcODlda5QECZTAOIXe8VWX_nJjCrguMn6nYtrppfHc8HkQ_1mdNUgb6VzJdHmp6xOttExziwZ89gt0u3fT1RMREsy12b1FzV1PurkHhFfZOIIjhX1LRtBKptiJZy9-zNGdKj4alTPISgrU_U7or7_uV1dvYTh7mV178Tw9A1Mo09XqSZzF4iBu-DRI4z4Wh97J4tXFkzLjqGrMdpgS9ymlPe6PfK_RkZYSix3gXH-FptHuVRCLvOvOHI_QLvib1MgwZ0o7zx74MXVMNXSoMAGFt5l5f6n5NSjCUNcMfEH-6vqvrzWzBHOidYMcAeBZhsmAX-uf0kHCUnkVGnVmzHRm2B0vq91uqr6m6eXeEkZxScvUJWeOroP2Frk0b_TwjZYUA2Knvpafx4I5x6EtfqLZDmT3AqFkU4aZljDtcEHFpOsq8es6zvMirdshYeNjU7qQNBEF1S7yjKrLHIE8ZrTpA51ISXcq7DpsNPLWrDd2II_7Z-raBlBNjEzIRVYEyqmZrWbIXjTQayf6CDmEfSjZ0LZiIJmpCtN-iPC4iJ3reLNw-hcqCgmCXFYph8PaMfN9FJEO5Glj0VrCZkGP_K_j9KZirJtEhQXRSEBWyhLl0Y5cnWddIaI55sF9ywb5xsV2_BvublAGFsVlO2wOYe_MvMYIktuQh4r_u91WU&sai=AMfl-YR_TKe5TB7KHzWWf1vfpZhTLCMCqMAnAn41lngNkYFiZAdvnoQk13fR-fJzzRUw90VWqytv2Ze9WY9-dIsYxRJLWn3zpK9J9Guc6SGak-ENdT5bGbf0BJeQ5vHDQr0HiiZbNITvVESOkgBsl2mobYM4lx-Iy7yMHTekEW7A92yyhCPNb5MTrtEtSpb8Nq0BypJpxUJ7pDBixxnF7WoxgHSwFjZCFjz6g4VsHdHFs8L58f2iIpOgB1D79-pwaSC47TDoJXQTL8eI-Q&sig=Cg0ArKJSzMqZnNZKkEhYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=645&cbvp=1&cstd=641&cisv=r20230426.36748&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame D82F 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:40 GMT
expires
Sat, 27 Apr 2024 13:45:40 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 58E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmP0S7xdxInFUYKocTrqsWJMv4TmEGTPf22rfkMQoyZoF-uqvNgE1kSVcb41ZGLeK5f0Nviye71_Rx5CzCD1xyEXOxjkRrea-kNgNTFCW0mP2D2XkJk1KvTIaavTZpO9_Ot9gKNB1ZrSMo2W7VfrZ0SEIM8PgVOm_YXndRwDYJGS0GteL6WhhShRGkAVDor-wQfjT0nLcP0x2rdr080pR0tmyJoa5fDM9rtUv9HEzb_PjtFeJsUswZfKGMHG1OE1mhSGT2CL_ylNZFyor_ANgBV18cHbFJAFXarh0tmQK0WUzbq0wqSJHH7TmNFc_k6HN3oCdDFGcAmi3v4rYH_EpXHnZquKuU4CxVOkrOXgXO4S5UBWg-eQcDyvCVA5Lz280x4XK7EhAAuBUSv_yGbn-vPlf_RLJkMLjtWtPhmFc1ZNUM2868Wyoiny09962TWf-W7FZBUEiWVH8uCv71xW1tPG4GMwtMjGePdEvAvPtaXUqbfoIjDHkCXB6SgxYfuPuiP9a1JZcMDPEnkG2_euQrY-rkC9P_EcN8qr4AxShNDZidunB3bJBUBf5wy36pAvNNSgXUDPHvbUbu8_OeCThOdSQi-dgwWQxjsWJ7wv7LGzBzVnRWgJB3ixUHUkwFLaryNknOycdyom1xygfBF4ZJHNnFs747-YKfs9526uvAxP9TTQyfViOWH5rumobr8FFOA7N069XdJCB6_mbdBbzYRiCRnULCE-3qgLL4Qa5PkoxG3GMhp7va0_UIIy0agKGjlVvhh06ySq-bf9d_5R42JB2V_rMNgygI5M0EpZmIMj1Kg3q9KjcJkSpGrtnp7U6mHeKEKyC30E9Lfu-17r7WBE-KKoDVo7Lrp_1XobGJs9JYMljJ0-qZkZ2oElWo72C6fDrV-mmpkjUx9OUhC5hmR-veQ7MW3Yz_hn6omChNdpvPhSFpnJTvB_u1lJce4vr4ISZ6DoVeeaey3yGBGPhudLAbrFLjJuV4FE2MYXs2jQIZOVl8FQZf8pO2g894jc_S7SdakcDPBTUgXzuzp9QiTzXlovzSlJa-eNGDLSlBwIAexQQTtwlHj8jdWmWT8BW96VRZOJ2r00v4qrAEOBAE-5gLo8axKsEA7wVletlOR-2gJecFgJZfR9wdtVhLGo9cFFLY8eG1MNiIPJKbMeXTH3O37Pwnkg7zTVg5H4dmaixiEY42OyQPLrKfznTOgvGVj4ZrdiI1zxkfrBVbOxNKV5h6S2cfFJN-VLiCq3UhUFeCQmFkttGjT69pkRT_Tkx5mGvmmS-D&sai=AMfl-YSNXyX2wgm2Ohh4MgD3X9_8AcAOa6zRkYZWiXh_1301Zmrk7IofjkJnHV-u0O-JnxSeD3bAmrHb3AZOMJN1XY-UgzEyYCY_XvzA4XcZYoAzpQjG2IN_vjmA9NUUWZwCKFBPJx1Pu8zEBPqq3iTEH3q3DGzmWuUtnhr0-RohnywL-PwTl5Bw3IybrTCZN00Gzs5PQQfnQzvUSZRemjXpz4lgukT4oRCijG-OF7CxEbdybJ_YdX2y1783kJmbFI1YhaOBs0XPETIX2A&sig=Cg0ArKJSzLgqf4WToLFJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=581&cbvp=1&cstd=572&cisv=r20230426.24397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Apr 2023 13:45:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:40 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9087829175746998613&gdpr=&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1964985283929887858
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 28 Apr 2023 13:45:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pd
u.openx.net/w/1.0/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
indexexchange
sync.adotmob.com/cookie/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450353&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRAT...
0
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2CFE 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae63ac1e1efeb0aff984795cbb48aef235c77158cf3e6a120f99e1d9e83b03bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
778
expires
Fri, 28 Apr 2023 13:45:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1D02 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 1D02 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6040019a0efaa88de24b8c8c6fe247c26418220aac4d51779a004fde113b334

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_247.js
s0.2mdn.net/879366/ Frame FD84 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FD84 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:40 GMT
1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 2292 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2325
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:01:36 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 2292 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
1676550659977.js
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 2292 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Apr 2024 13:45:41 GMT
1676550659977.css
s0.2mdn.net/sadbundle/14392016886954669725/ Frame F099 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7ffa6fea5799287955bbccb8247344d1b93a2e2becfc2c7ccd92b44b9279bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2295
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 15:42:38 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F099 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
1676550659977.js
s0.2mdn.net/sadbundle/14392016886954669725/ Frame F099 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 17:30:35 GMT
1676550659977.css
s0.2mdn.net/sadbundle/14392016886954669725/ Frame BB1D 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7ffa6fea5799287955bbccb8247344d1b93a2e2becfc2c7ccd92b44b9279bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2295
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 15:42:38 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame BB1D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
1676550659977.js
s0.2mdn.net/sadbundle/14392016886954669725/ Frame BB1D 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 17:30:35 GMT
usync.js
eus.rubiconproject.com/ Frame FAE6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bbd0411a1b54dd09c393f94faa87501541c559767ea17d891e40bdcfdecc30dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Apr 2023 08:33:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67619
Connection
keep-alive
Content-Length
10019
Expires
Sat, 29 Apr 2023 08:32:40 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 807F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 807F 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7AA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucxGNtl6-wv0IAkLyOsa9MovDVasxw1iREzOfhEjI5rgNVHk-_si_SedMSGwcW0AQOzCix2vXss3HJ8oUfKM9iKx1aQY7c7CtTL-wM0KLrkHa6yNyQDc72WPZqmL_JgTpTWWYxZ0o-4-dXcsF9DutJadEmduqFeKhnRLCF5nDngR6y42ETagEq_ivm66n0UH7LksPDngDMA2a54iHoVxV-aOsiQIpZBUkvu23700DoK8yHRYaHMi6RD2VKpa-swto4C6RuXAG8qKHMpTGZvNB2-xDBaSPW3Gw5RGm-vJu0sqXYNBUkA8vKntms2Zpdalg&sai=AMfl-YSp7YSrDs4p8BR5eJaqjAubgNoU3Rn3Dus5g4gk4jLXRfRDiHVQbA4zxHvP--C7cR4SsYhXAk-Kywof2u6_qm7tjeagGvCu8YWfmXlp2KnUb296n7XmwogxO6nNQQ&sig=Cg0ArKJSzIJNTz8bwXnHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grid.id.1376263.js
jsc.mgid.com/g/r/ Frame 7AA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/r/grid.id.1376263.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89d6e94fc104f94c1c5ed0655ab04b5e21b566209a4c34015f568240d9583c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-amz-version-id
XtOJbZ0ta.9_btTA271E7Rbjo2TxZq.g
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
F419PSTFK09NGJYT
cf-polished
origSize=2676
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VCuIpnJuBDssqXs4Os6bgw4BLJGYcLDcg6hXzydvG3Iw8UxfCY6GPCg315UWLr0X+xbpx/4aQAo=
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:43:04 GMT
server
cloudflare
etag
W/"c0b6ab3321a4e4f5c02b14979685aff9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7befbf402e7d2ba6-FRA
expires
Fri, 28 Apr 2023 16:45:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7AA7 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:41 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3A4B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A4B 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:41 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame D82F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 08:32:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D82F 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:45:41 GMT
csi
csi.gstatic.com/ Frame 2CFE 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lh0lwkol&c=6489463083261&slotId=3244731541630.5&fb=ima_html5-lima&sdkv=h.3.569.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=10&aab=1&itv=1&met.4=err.lh0lwmr1&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c0b::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 58E0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
truncated
/ Frame 58E0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbd1d77621bf718d97f2c105042ac0bd5a5459db349ee8b7695d0b636c761caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
B29714943.365439382;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=3944675604;ord=5sou88;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaHWIAc5LZNy8GqKR7_UPq4iiyAe6p5mjcIK0_-a...
ad.doubleclick.net/ddm/adj/N8734.285985MEDIAIQ/ Frame 69F4 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N8734.285985MEDIAIQ/B29714943.365439382;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=3944675604;ord=5sou88;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaHWIAc5LZNy8GqKR7_UPq4iiyAe6p5mjcIK0_-a3Eauq9f0IEAEgytbjH2CV4pCCoAegAYeriJkDyAEJqQLL5yCrq22yPqgDAaoEhwJP0EvKgHJyiZMFrUSgmnuOv0clu0WHvDg0aEC2glcAMDiaG84cjJfexOoLmj6JmS93VOS5XI6LNUo9YM6AFuPvaxf_el-lLPtKJNXh5uXNarXNoTqst1un3l3mqJsj4P3iHn0s8oWb0mocz_I6-8XnTo6vRmp5eZdWW6mPlerhog7jgN5szOZUxn7LTs20_te6f30PcN3owpeMauUoTn_Y4MjjhNIU0wERHcN-BdKixW9s0D6aeyM5KJOHF2IGfifZdSDwd0W-EbrNv8N-CjuqM3Gp-17gBhswUftXqBYbEf0b6oSeXa940EE9lQsf_FfzlaImid1Ld2GJNGNniz8yi057K8GCpsAEnryH65QE4AQDkAYBoAZNgAfh1PdmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATmceRE9ATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE%26sig%3DAOD64_1PKC2mAM8BL9-ad-mwPJO1zKuoWw%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-BxAaZwYAwSl0BBMY73xhVR6fzSk9WSR8f38yKYEJ6OvG2Xe6T5Ul9oN1f5_n3cLx5S6zV4WXXO4Uhl2BBD7zLL7YSP93goRJLt9QQRayaoQdX6qg94XAxyTQ4yFq-puhbhx_rBrYyJBRC5NF3iEMJsiWuk6Nfvnw4lQJ5TUVznPjuCQe0%26cry%3D1%26dbm_d%3DAKAmf-CeTa15yz_flTtyfVM9XUxkd6Y-fwEvukmvmmQO5-KKQxAKchSK4Olj7007aW6jkmdxGfes53AoHTgulq6lng3XHYa-l_Z5kYBIuptrtr76QABWARX0QIyagJ9Ml9SAgbG_AgWNGz4nX_ZhVLv2dLA0dnJO5UTYd5dS2AT8pVMhehScIOLZYn_dR6UYlJmob5Lyc9ufbpaUy8AdYspGAJyrIjGGkD-_GMYTX8G6Co0N8ZDiATKWWFP_rjsZwxkIf3SgCiraZAP9ig46mgI4RWLliQ6n5cVCXfI9nkTSVMwTY0y_gdgGUqvnewqlUiM0YPN9NUpkGvU3XHzP5tQEkzedo-OXCFUXqwrP4G-BFXSxVBChp9qfRT41dyVRn2GPfLPr66lqZp9TmCCz7lFTEJaU1hP9aiL-A9DcIw9mETpJsdiFxwNMf3ZCcrr8Bk8-xYcl06FavlbHjHX90mD1mITo7lVruKBsjbZy6YRjbkLJHbRJGnVbXZnA0Y6mRzmqaj5klznMUygCK57UfN7UQaIE6JCDI7p4NbeyoqdVHCsutxtchl13PUN93_VpV_wCeGiJwZ4KOnDZwQMjwxsmmRS-uyygZZ9rqpaBFGwT35xNoTbDLC9qyxvMpJ_oSeXN4EdmrAeMpNZ2H4qzLxnP4BOcCZs7M62aqGG6Dis0UyGOS1_l84EBgSQ5-3fcAR5dA2RbqeEV%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fhealth.grid.id%2F$0;xdt=1;crlt=1)ffRKHyqL;stc=1;chaa=1;sttr=1010;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
babbad8a7d1053f124392af6a215dffc5af9e8c36c5dc60ec15b1a516a2d2772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_101_0_0/ Frame CC52 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_101_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-amz-request-id
2E5C81YXQEPNYJ30
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
content-length
1942
x-amz-id-2
v3INn1wqsv4n3nKiyifep0jLv1Pke52/+m4V8vjb5QBIBN1Ajp0vxNJ7rKIuqy9X1TTDOZJseY8=
last-modified
Tue, 28 Feb 2023 09:25:01 GMT
server
AmazonS3
etag
"5ac70b83663a79f3a383c3a53f62eafd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2146117
accept-ranges
bytes
x-amz-cf-id
5deDxrFexkn_k5xhef2Ammpaga9XBDUY9DqYNulsZ8wc2U5e2PR7SA==
index.html
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/ Frame 6EA4 		107 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6f0342383bc9e1e70756e8dd4dd70a3c5c2afd7ece9eca1f9550589d94e24552

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
20953
content-type
text/html
date
Fri, 28 Apr 2023 13:45:41 GMT
etag
"0d21f6fc8388ca5eee12acaef22bdf3f"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Wed, 05 Apr 2023 07:28:49 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-cf-id
E2RgmEbxiuBMfmWR1YT-249OstH84fTeTNwg5CDfUkUXNnDqrHsTOw==
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
Wz7s2QvVoKQEv5dedHuD5X2vYSBaPJ78
IntersectionObserverVisibilityProvider.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_101_0_0/ Frame CC52 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_101_0_0/IntersectionObserverVisibilityProvider.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
x-amz-request-id
2E57GSBZCDQDST7Q
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
content-length
2950
x-amz-id-2
cgWEquz94gYvYLRissARCriQVAaALR6atL9eXMbMSFAtG6QGXkS2tUTncnFU1BtB5gWEVOKFRZw=
last-modified
Tue, 28 Feb 2023 09:25:01 GMT
server
AmazonS3
etag
"e3dd27b7ab9e71c38170980ebbfc1df7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2401713
accept-ranges
bytes
x-amz-cf-id
hGFYqYqGsd_Z-H0VCueWNCwEWPHApZ8LMoKK4DWmhvDP33xUO-SbBw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9B67 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 09C7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D6EE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
discoverylogs
log.popin.cc/log/popin_media/ Frame BB45 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6ImlkLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImdyaWRfZGZwXzEiLCJ1cmwiOiJodHRwczovL2hlYWx0aC5ncmlkLmlkL3JlYWQvMzUyOTAwMDgyL2RhcGF0LXRlbGVwb24tdW50dWstY2VrLXN0YXR1cy12YWtzaW5hc2ktY292aWQtMTkta2VtZW5rZXMtbWludGEtbWFzeWFyYWthdC13YXNwYWRhLXBlbmlwdWFuLW1vaG9uLWRpYWJhaWthbiIsInVpZCI6IjEyM2EwNjBkZTVkMjVlYTQ5ODcxNjgyNjg5NTM3MDgyIiwidGRfdGl0bGUiOiIiLCJhYnRlc3QiOiJwYyIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wLjU2MTUiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYifQ==&t=1682689541438
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ Frame BB45 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-th&uid=123a060de5d25ea49871682689537082&url=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&t=1682689541443
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
last-modified
Thu, 16 Sep 2021 06:17:57 GMT
server
nginx
etag
"6142e195-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adkit.js
secure-ds.serving-sys.com/BurstingScript/adKit/ Frame 6EA4 		1015 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingScript/adKit/adkit.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c882cfe8a299ca410b302d9bf7a46332fce12fe63fd373dd7212d4e5f3989438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 23:15:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"c2923fd4e54d085bbf9af41dca451c35"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
41tJqhDFqkaEqU0dSSW1n19nB8TZB6ekmw0bCw6l6J9LNjwqqsVZbg==
content-length
542
expires
Fri, 28 Apr 2023 13:45:41 GMT
video
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/video?x=1&pageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&domain=health.grid.id&accountid=fa9afd31c9c8769a7ae23ef3661ac43f&autoplay=wifi&videoid=260762&segment=hw&ownerid=fa9afd31c9c8769a7ae23ef3661ac43f&duration=215&vposition=0&startmode=undefined&playhead=0&viewability=0&origtech=shaka&realtech=shaka&volume=0&debug=dbg4.11&elapsedms=5023&action=ready
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxvideo.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:41 GMT
Server
elb
X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Origin
https://health.grid.id
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame 823D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame BA1E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B751 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C359 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1D23 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 16AA 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23e5c08cac53d2d04e815d7f211797319b32be9ff189275dc5329feb791b7ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18917
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 19:23:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:55:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A864 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssb6vPOM0NLhrwgHV_oIGkjarsl2EpvNS2ra-xqVm6w4RrgbzmIZD9c-hcVmJAr73Ef7lVJfqCo92ulMzyr5ybuvrnkY7w0NG8X5ao6CChRicGWzH3lYWFRNPGYLDSd8ZSnOhjdVYej9V3pomWjmoZFwFB91aoZCs2TML3aRstmnxvKyDAV4yHn_TjALLK_N2L_s1LVJC2Jnpj_GkNX4SmSfgsYFDDiNdbFLD4Mc_COTPt7icdcYvdIyHqUfTHVMkmMVis3ijA6N0_VJWOe-bOCunrfJHj75mU1LdvtTDsMju6nFhkRpbzsTop2pyn7f_iWFDP_QWZFl1wPw0jcNyM_5xL80KEw0uYoAVWtAiIuZ4gYumY4aKFCh6BqbbRIBUgKKxgfHUENEs449eULZMujk28Pshv2_4buzIzkMLEC8yXZ5aLFjRE5G_ESAJmJLXvSWKJGjnz0KsZrUxjt5YVdvuYP2JWTrHLOntBr9SLGVYnMFwY0C-sUfcTt5m1tSIdaGu0u9OjpsW4WKwQX3qoNBc_jtPnhhSPZokw-LL60CByxTVNEqQ2V6NZBvXv-QDPLeKJtswjLo96Jgv5PQ7KwkRTK2iGVxPa7rX0OsBjX_YvqA3jv4hqc_j6s3OCUvDOZpYoBwBGFf4Ts2mljlM2IhpcpVJpeQvc-V86v0yTwu2Nv0nBCZ-JzzW0W7Fs_7jyf2D5IUX2no-qSb5asbMeuxbx-TQUZCoUk_DpzVAb0JrujCF_gaWEN0-ulCHEvYp0_Ig3V-PazKfUjq_gIVoKruCPUtMxPjIK8YjaOcNbLxhdu6DTolVw182dsuGJwDPVQaXi9WLn8G2sVZPuu_N5iUXNhAIKYJfElS0h5RXEnbV__QBocE3RMR1jtZCaAOxGQbga6oXO4L50uNErgaGQKQf-ymtnkGvhFSudBpg3Thyr8quvyRUBdDcsZGvQGQL7b3IIK0Ynfw4QGqFvRNbI-gSPPtHP_CfmUREq4rzYpW5yNW_iVxShVpUuC97VB2Rs4fyfUB8niRYz0WK9ceXla2qb_DqoiQm3c5vXi6JwSQC80QlXMP1B98IaE6uzX4JIF9Pfh6N_spY9Qz_R4a7l02e086JoLETtcgLsL-Q8MnHD5LAOmhTI6JIaijiHisDQERoIabS1F0xgddgq3E8un9FxjwIBXOiUnU4eDWtinFs6YM8Q9SeJkXc4BRIjf4HvEp2J2U2mQ26WjvbXs69PzWklfbB_r4iU7QpvSthVhoksCfNTtf4o6ddMjIgpMC5P5OAqXAoV9&sai=AMfl-YSaezqgIaNe4pnDxpuruqCL8XKURv5JC2zGqV7YkXXInCryI9hjnwWzw8Ij3gmEK-bWpN6T4FcwW6QvMrnpM0VwKohrs1hoRhpqk-zACdrfl3ms_wTOYILk_L0KVlzR5i-4U1bbk9fXoYGeTz2XvsK46mQadd5TSw9B8iZPHT0VmRfMWoT9_4lJWsSYmLxHpjid95waD9VZMSx45RKBcTwxLcv5oI99OGfkc3UwJPaxdENFK9vizDVoZuGa_O4TTMwy18ABIMGk6w&sig=Cg0ArKJSzGLQbdn96ObXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1567&vt=11&dtpt=1128&dett=3&cstd=418&cisv=r20230426.60191&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 2292 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487622
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:18:39 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CFC8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logo.svg
s0.2mdn.net/sadbundle/14392016886954669725/ Frame BB1D 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1365
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 18:18:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEr1ZQI-DNCONhJUsMb0tN8MswaF2GKmEQdY20VQVHf2kL6mNc1rRYtC3mrPtIqm-MJQOn9gxDZH9jo1vggIBrUD0uHCMjnlkNT3hPwXtTCue4Tyv_BHsjQZF7W17Nu12fnVdxHbR4Ge-cuh5AVijlqMfuTNVU884MnQALpbcyy2mzatZ5e_zIDS2guH9f0g0v5kH-QXMO0MEJLD_UsG2WKN6bebo62C5SQBE-sVmQQxKmQfaCXs0XsAY5qNXMHewsj1hgTguwUeczaHteHTaZPK0gGUlZL3T3bzMcI_t_oArBGrWYABQUJNV90dDkCsOg-tI1ZDA2kElo7j3I3AOOmo1A8Nhrj550DkrLD30VsMwMnq0319E8usX5Jy7UCN7erGbP8fRwG2A4DDP-C4RJykBCmQ7UyYbWrwX9n4q-UNXFxuTo4A1BpKN7jY98nlPYFsuXUXGX-dhCPlp-Njh9Wc3bH4Xx9RvE71Rzpa8UrZT8wZ5DXEqvLEVzJZ70WgvLvSrp87H9i-R1iMH6WJ71g2NHCQXjkTQycbxhmEzBX1-9Ui-gjwKkgyTmZ5-aISOC8pG1t4p0JQajLisPqG1UH5vcYL6AgNLf76lscWC3CBy4Q3CXiktTdZCxL0BdyPTEO-2eWwAsM9qvTa8jqUA4Gm5OlHrfVaMVNCwQ_g2A6qeWWUZ2BxqQrD2vsE4atcPHFDDfdfV6Xt4yN-2vJd3xWTjXw3lArXN78rM2I7wrsPqd_YbKNxqqpap7Yw2_ZduarR3bpSI0_15AqgkxbeFcMNLRO3DzpWLV3lnVw6Eem6zr5QXk_E3VohZVtVK70S9bUbTi9AybFvRk8YWu3eSeWtHuPhAvyY7NG6zeIJlSE42Q9RppWWUF6K6qJYJ-EHCU04Q6ZDjChIaLcVWGIuEa1dV3jZIWhwu1sxF4c8XCtoDv5Hc907_O7-JMv39srnPXuMDhRelORRl08j8-JaBPO9ghzWjmlJwGNfu4msSq_spDx6GC0gZxQAi1b-c-5hwm-XkYx5ipK03Yk9xw3bfIiy7LdQHOCRJXaNiX34XO_MgQ_UpYNHomDQraKupcA07vCAONHCs9NCW43xRsA21ktKdk-UZwSuXVYmoxfzE2FFzoQtD1cYDEJkrnhcngSoIRe3e7cJ7v8aiY-HsqNO9G4oUHL9V7tGPTllFt9E_Lyb6NmBQR7l9pWIeIg8gqQa-ID_xxh94mDdH-LRzGj8ibLl9Q9rg1Q0h7rVKA9OJ8YzFVySrStVyRZmjCKqhy7POpr7JRm0Be&sai=AMfl-YS2tv8eMm62GsZj-HNRKynUtgrZrPl0KfXvom3K_8YcLewapPSlsgBJONRNE9NP18uUz5_wlgZyggRaDBM-VD855iNlrZigL84rPRUk0rfBNaiDlAI6tsg4cbMXBi_jJDVezdvBAaPOCIZ4I0y9q_m-espnRL9_V3rWpSkE5znc7JXDL_PJDUeui21rQ3NToXaKa-eXxLc0jl2AcqJCKYrR81E5RfkqLQz8VyYSOTlLRCAmE7wMH3u3oabpJ3WP7MlokLfXskNZQQ&sig=Cg0ArKJSzN4wzkU8k_DvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1537&vt=11&dtpt=1105&dett=3&cstd=425&cisv=r20230426.40196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
grid.id.1376263.es6.js
jsc.mgid.com/g/r/ Frame 7AA7 		246 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300854279a71f064b5f1b2d2cdbe71214e597b5b164caad2229a2032f47e7fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-amz-version-id
XQSZEK.WZt91zijIbrCHMpZGa77mneIN
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DWPVQJTAT0M3K1TF
cf-polished
origSize=252416
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FVelzBYXzmvyLJ/oubNWj+gRNt3moNYM2Or2yR2SpPODQH3mFRjGq+85jVnsMyFeAFX+PNTjxvc=
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:43:04 GMT
server
cloudflare
etag
W/"0748a6cfd40b16f25d1bcd1d6bf0d3bf"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7befbf431a222ba6-FRA
expires
Fri, 28 Apr 2023 16:45:41 GMT
truncated
/ Frame 7AA7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4beea9d091742d06b65c0b86ec988202604b805e65c0e63a3b165b52416337d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
tap.php
pixel.rubiconproject.com/ Frame FAE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENdfvPgHYTm07XCRu0bDBDo&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENdfvPgHYTm07XCRu0bDBDo&google_cver=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENdfvPgHYTm07XCRu0bDBDo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame FAE6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame FAE6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C7JZKZS7PVZAB5AM5TVZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame FAE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZGNBXqE2Xe8rpmmbgB-mZsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n6orT15E2oLrja7.lkytUHKQLdjupYXaOwvuPQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n6orT15E2oLrja7.lkytUHKQLdjupYXaOwvuPQ--~A
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 28 Apr 2023 13:45:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n6orT15E2oLrja7.lkytUHKQLdjupYXaOwvuPQ--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FAE6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5JrIR0XCSM-ieQFdBPlypQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5JrIR0XCSM-ieQFdBPlypQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5JrIR0XCSM-ieQFdBPlypQ
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2023 13:45:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4BGENFXR6XPJRNSJ5V6A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5JrIR0XCSM-ieQFdBPlypQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame FAE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH0LWJ2U-1Y-87X2
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH0LWJ2U-1Y-87X2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E51B3F971CB44416A36988DCB7BABE66 Ref B: FRAEDGE1808 Ref C: 2023-04-28T13:45:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6ZbBsHeLH78WviPgp5A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH0LWJ2U-1Y-87X2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FAE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgwTFdKMlUtMVktODdYMg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBu6OHr06CJRzen2OCAo9P4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgwTFdKMlUtMVktODdYMg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgwTFdKMlUtMVktODdYMg==&google_push=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgwTFdKMlUtMVktODdYMg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame FAE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjYyNTM0NGNjNzMzZDFjOWI3NGVlZjM5NWYwZDZjZGE5MTU1ODcyYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjYyNTM0NGNjNzMzZDFjOWI3NGVlZjM5NWYwZDZjZGE5MTU1ODcyYw
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjYyNTM0NGNjNzMzZDFjOWI3NGVlZjM5NWYwZDZjZGE5MTU1ODcyYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FBF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgbAuUHh0N9O8lDBdgCmxGWl4nwL7_lRfofYjaxwR9-13U4LCNrA-cHZRePaWRRfjqK_m77FLitVwtmRKfuXD5P610-yyD3_SqWseVk9o5yau1rtQ-AEGEq204ujkDeydDAfTup60&sai=AMfl-YTBoFkrF5HSo9HQvQ32iFcKCnIKAkIJJKl-zARMbfon2hDfs4MBtzsPnCqIqUftGs7hCUWvorHIsPNT07DnPWG-oIuKvNrnwAqTQzxDYHWVcoHNF_eLKCxKHP-AjAk&sig=Cg0ArKJSzN5NkXBMTyUKEAE&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&id=lidar2&mcvt=1135&p=338,315,588,1285&mtos=1135,1135,1135,1135,1135&tos=1135,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2828946652&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538225&rpt=2302&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslKpMq0CrOFNezn0iFAhHXsSwiC1n6R6jnpeJrh57qmejsIdtlEMejjKqXmW50zgY8rmbJT5P85KI365T8Kv-dqU6VEhvzrG5mQCiC42GMY3Yy_HCr5XUxVCUABh4XSCtuvKEIBZFNaD9wOcPTT0A94bsehfzy1mbT7GlcVrqlO3wLuSbonooO7-IpfguTmzoY4Ms36LTwcE-uWaiqI5RBvib-75x-k7tNkhf2Bxh6Cn0UNzZ5Ag3t1epHsKwGirclrPmeXq5gQGA4ZAnb-jPPD3YfqC2EuwWDYf3dtYMWiHYqp7zQT5t8XS7OpQfTbl5VzYMo9KkpmKO8TkAvQISYaxkBLnL-I6k534bfZhBVhHyi57dhwxmdkFfvxlc43NkC16AX3QUoksVwG2JbtVC3UKPTYDb0nUnspbxlbPRjokbh9NUSZIHctEq7PyeLumshEViPbqOWZ9Xls6CjGLeYOMxEvllJnD4RH8X0NvCWV15LJPoq72RPBfdcITTviaxVWlLswDwCapQlBwKMNv6QJanxgcXjDGxlxT-IW8GermmqKi2sv1PK27ie8znJVjk8wwWY_oCFwwZujX9MxuTgF6EL_SG2L9O8hoEllEmVKcODlda5QECZTAOIXe8VWX_nJjCrguMn6nYtrppfHc8HkQ_1mdNUgb6VzJdHmp6xOttExziwZ89gt0u3fT1RMREsy12b1FzV1PurkHhFfZOIIjhX1LRtBKptiJZy9-zNGdKj4alTPISgrU_U7or7_uV1dvYTh7mV178Tw9A1Mo09XqSZzF4iBu-DRI4z4Wh97J4tXFkzLjqGrMdpgS9ymlPe6PfK_RkZYSix3gXH-FptHuVRCLvOvOHI_QLvib1MgwZ0o7zx74MXVMNXSoMAGFt5l5f6n5NSjCUNcMfEH-6vqvrzWzBHOidYMcAeBZhsmAX-uf0kHCUnkVGnVmzHRm2B0vq91uqr6m6eXeEkZxScvUJWeOroP2Frk0b_TwjZYUA2Knvpafx4I5x6EtfqLZDmT3AqFkU4aZljDtcEHFpOsq8es6zvMirdshYeNjU7qQNBEF1S7yjKrLHIE8ZrTpA51ISXcq7DpsNPLWrDd2II_7Z-raBlBNjEzIRVYEyqmZrWbIXjTQayf6CDmEfSjZ0LZiIJmpCtN-iPC4iJ3reLNw-hcqCgmCXFYph8PaMfN9FJEO5Glj0VrCZkGP_K_j9KZirJtEhQXRSEBWyhLl0Y5cnWddIaI55sF9ywb5xsV2_BvublAGFsVlO2wOYe_MvMYIktuQh4r_u91WU&sai=AMfl-YR_TKe5TB7KHzWWf1vfpZhTLCMCqMAnAn41lngNkYFiZAdvnoQk13fR-fJzzRUw90VWqytv2Ze9WY9-dIsYxRJLWn3zpK9J9Guc6SGak-ENdT5bGbf0BJeQ5vHDQr0HiiZbNITvVESOkgBsl2mobYM4lx-Iy7yMHTekEW7A92yyhCPNb5MTrtEtSpb8Nq0BypJpxUJ7pDBixxnF7WoxgHSwFjZCFjz6g4VsHdHFs8L58f2iIpOgB1D79-pwaSC47TDoJXQTL8eI-Q&sig=Cg0ArKJSzMqZnNZKkEhYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1626&vt=11&dtpt=981&dett=3&cstd=641&cisv=r20230426.36748&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
adkit.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 6EA4 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/adKit/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Mar 2019 15:26:57 GMT
server
etag
"3f15c433fad4d41:0"
x-powered-by
ARR/2.5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
23751
expires
Mon, 31 Dec 2035 00:00:00 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22jTR5KmA4Hx7w%22%2C%22%3C%2d%22%5D&ts=%5B1682689541556%2C1682689541557%5D&pp=%5B%22pubmatic%22%2C%22%3C%2d%22%5D&ev=%5B%22xld%22%2C%22xst%22%5D&id=%5B%22vcbl_grid_outstream_mobile_always_float%22%2C%22%3C%2d%22%5D&et=%5B%22LineItem%22%2C%22%3C%2d%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%22vcbl_grid_always_float%22%2C%22%3C%2d%22%5D&pet=%5B%22~~02~~Unit%22%2C%22%3C%2d%22%5D&at=%5B%22generic%22%2C%22%3C%2d%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&ar=%5B%22https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan%22%2C%22%3C%2d%22%5D&sdk=%5B%22GOOGLE_IMA%22%2C%22%3C%2d%22%5D&hn=%5B%22health.grid.id%22%2C%22%3C%2d%22%5D&sn=%5B18%2C19%5D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
HGwkfrO9uzKrjJSJWoQTzdIr0z7aANwfhc-IfR65lklnnDI5Kt0iaA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689541559&pp=pubmatic&ev=xit&id=bRjApFq8Z7iH&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_mobile_always_float&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=GOOGLE_IMA&hn=health.grid.id&sn=20
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MYwpxBuNV5DszOqP__yb9miSBh1Ir1a1BQ9vnbBNI4pWr-zqtyRwSg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689541560&pp=pubmatic&ev=xls&id=bRjApFq8Z7iH&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_mobile_always_float&hn=health.grid.id&sn=21
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Apqd4bDeqgyWNUXR8ofXfxtroT4kqmTsJQ0chSU8rVUTnq_zZb3oiQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689541561&pp=pubmatic&ev=xld&id=bRjApFq8Z7iH&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_mobile_always_float&hn=health.grid.id&sn=22
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
dOqceYWc5VK7YfD66ayzE0I7N_DW8YYWMyP99yKv3WWcQjg2_gjXwQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 58E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmP0S7xdxInFUYKocTrqsWJMv4TmEGTPf22rfkMQoyZoF-uqvNgE1kSVcb41ZGLeK5f0Nviye71_Rx5CzCD1xyEXOxjkRrea-kNgNTFCW0mP2D2XkJk1KvTIaavTZpO9_Ot9gKNB1ZrSMo2W7VfrZ0SEIM8PgVOm_YXndRwDYJGS0GteL6WhhShRGkAVDor-wQfjT0nLcP0x2rdr080pR0tmyJoa5fDM9rtUv9HEzb_PjtFeJsUswZfKGMHG1OE1mhSGT2CL_ylNZFyor_ANgBV18cHbFJAFXarh0tmQK0WUzbq0wqSJHH7TmNFc_k6HN3oCdDFGcAmi3v4rYH_EpXHnZquKuU4CxVOkrOXgXO4S5UBWg-eQcDyvCVA5Lz280x4XK7EhAAuBUSv_yGbn-vPlf_RLJkMLjtWtPhmFc1ZNUM2868Wyoiny09962TWf-W7FZBUEiWVH8uCv71xW1tPG4GMwtMjGePdEvAvPtaXUqbfoIjDHkCXB6SgxYfuPuiP9a1JZcMDPEnkG2_euQrY-rkC9P_EcN8qr4AxShNDZidunB3bJBUBf5wy36pAvNNSgXUDPHvbUbu8_OeCThOdSQi-dgwWQxjsWJ7wv7LGzBzVnRWgJB3ixUHUkwFLaryNknOycdyom1xygfBF4ZJHNnFs747-YKfs9526uvAxP9TTQyfViOWH5rumobr8FFOA7N069XdJCB6_mbdBbzYRiCRnULCE-3qgLL4Qa5PkoxG3GMhp7va0_UIIy0agKGjlVvhh06ySq-bf9d_5R42JB2V_rMNgygI5M0EpZmIMj1Kg3q9KjcJkSpGrtnp7U6mHeKEKyC30E9Lfu-17r7WBE-KKoDVo7Lrp_1XobGJs9JYMljJ0-qZkZ2oElWo72C6fDrV-mmpkjUx9OUhC5hmR-veQ7MW3Yz_hn6omChNdpvPhSFpnJTvB_u1lJce4vr4ISZ6DoVeeaey3yGBGPhudLAbrFLjJuV4FE2MYXs2jQIZOVl8FQZf8pO2g894jc_S7SdakcDPBTUgXzuzp9QiTzXlovzSlJa-eNGDLSlBwIAexQQTtwlHj8jdWmWT8BW96VRZOJ2r00v4qrAEOBAE-5gLo8axKsEA7wVletlOR-2gJecFgJZfR9wdtVhLGo9cFFLY8eG1MNiIPJKbMeXTH3O37Pwnkg7zTVg5H4dmaixiEY42OyQPLrKfznTOgvGVj4ZrdiI1zxkfrBVbOxNKV5h6S2cfFJN-VLiCq3UhUFeCQmFkttGjT69pkRT_Tkx5mGvmmS-D&sai=AMfl-YSNXyX2wgm2Ohh4MgD3X9_8AcAOa6zRkYZWiXh_1301Zmrk7IofjkJnHV-u0O-JnxSeD3bAmrHb3AZOMJN1XY-UgzEyYCY_XvzA4XcZYoAzpQjG2IN_vjmA9NUUWZwCKFBPJx1Pu8zEBPqq3iTEH3q3DGzmWuUtnhr0-RohnywL-PwTl5Bw3IybrTCZN00Gzs5PQQfnQzvUSZRemjXpz4lgukT4oRCijG-OF7CxEbdybJ_YdX2y1783kJmbFI1YhaOBs0XPETIX2A&sig=Cg0ArKJSzLgqf4WToLFJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1569&vt=11&dtpt=988&dett=3&cstd=572&cisv=r20230426.24397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8FBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGebx-JzqH5bdRdfYLtdsHH6tDaf8twjSYdq7h0x_2t8Kz6dDyHkdbTPadMtvjNW_EEfNYE_As55u4kTS2glRnsjg_ah21r8lN6at_6ScCi1yoLcJs3KYfQ_AEMhZItYh7V0c0_G4ygNmaWKdcQiqmWa_yeFFZBtsDNMfyyoW-LM64lnVJnn2TTO24qGDpW1zG39tN61oc2JSkvrhYM54DhI8A7lGmEOquW_rL9A9dCeBYgYu08UOA-dS3pGN_nI7_2oH5NHDgqY1N4VNagxxblP6DO81PZkPtuj1m5NBIhPaVu2JPbm96ghCoFGy04uvzD3C3c1jO6CkFS2HY55aLB4-1ibDc_gPSN7dWO0kL8aypAzNFVhhwnv5ppVkotNDQf9Tc9PwaGmwsleIuszYEP3B3QXDf_xFnbFqRzllp_V6qTv6a49MjtCOlqFemRhTB0TzG_S2hDGYhlKrQykbnAc9DqvKonnRMW7XulfFYfWuY5zFbcC89o9iCri4eT6aUHKbXakPGSmM-R2uWx_ABOzzKUghT1aEXj28wAW7aLv1G_8e2BXBxS-ooZrOKY8ZII71z01f2m53g6akFq29GvOc9vUTLRRRgGvLfRsuzDPcPzKHLi0hO_JqQFWyk05Mdyx4jTaf4iuDrRJs7GD66yr-k2Tm-1ClyXD5uNZm5HDUZBvsrjoWYRaUDNzMnBQQRpZg6BKP63DE-stshRQlyVEJt1H3T06bbpFV-_vSf-80h5VC_dXR7EWicckmCcueUbC-jqNu0qlO9pMTPeJPsSFdWgpysaSX8f0OUY0Nr3Q1cxSb1WgSfucU9WVuXLUdgMFmBbvoswqr0eRTXF4qY1bIGOvX647Hl_OOQVEbgHD0VXQ_4RISqUN36SAYLZAGdROVmSDkn0ZwvA1ZfDwOiFfs4QtbxXCYElW7VfbBGsiGsvCjdDizVcF347VtVNC4w9XxpfVHv3w_uZ4ClAkO2fYrsboF-UpoaYCWQ-b0rlRYYGftSnfy6vC_i1eJ6wNUT9NvSKpzUm9uz5Il1mXHJpw1p8M5Fdi88fgpdTrxFw9RIoKPyIOZ5H_ABj8g0bwjnvdCBCXFUZVHM0QuqTrhdEJjmL9uwQgoTpPtkI1vUJWK_w19L510V_JtJ3DItN0rSI_24Yy0XqgXQot9clhvEc25YI3pV9jloDFG0yxW_EgqLCEuYG2gq_fN07WXJSSKRfD-xV7Y-qfSKYSZJx7t56hvQZZQKL3OCblUuFmjnA0iupZo-NKAnDeEzmJI7Lwqjo4ONgAyioRJCKUowT72nvbdLqnYDJw&sai=AMfl-YRhP-N6HSAoZr4xn0g6dG-eXtO5_b4qmHcDGvZCFEjD6KU0KwCh_C07CxR4O-hGl47wHCxk3xxp6PevBNX7lQuAIqNG82kykXZb3ODJxmc7ufICWR_-Y5DN2bmdOYvBNJWxORCL3JBmkU3Bu4oDfkZwDwyUd6YkAxhVMGkfl9taEv-YCywrCQzg_qu0KM9H4vXcHB4ddzy1pONLtOVJfLb_Nrng3OUErdo6M4Dqp-VAT7TSxc7l12qZHNEjV76MeqDkgJy2Dru28g&sig=Cg0ArKJSzH4GG5IC17tyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1813&vt=11&dtpt=1350&dett=3&cstd=456&cisv=r20230426.49017&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFxFKRzLEv6D0R7wIxlyilBmBfRmjuQJcWSiMasDI5THVXut4786agrAwonRbNx73rwedEvbV_bUpq4hcDta6bNFL3jiXzRkgKkYIg-vkgkj0im9fjmX5g2osULqW_fVfHksWrEbqrtwiPNf4oZFSt4_ieu1G43cf0KCNj0nNDI5biWh_jmdtyq0FwDnnL0kSuoMJ-L355qFsDHVZkwQgNH1cjIWALQE6MOuJTAJ1D0aHIfJAPMY_Hk9ZwdTQX4HhGCqAhmGFvHcn2ljH_3aizTAztTtTKoWegtEj-jZJTwHZyOFJGujsCZIYy10eVvxC1cl3fkZkngVHbJPKiGbsMM6CI-qDO9t-Tc2UvYRgvYx8jJzIchwyb_BdGxmpaEbmhqJOPsrEgoBDdp2p8jZxrYNTwDto-em8IvGngD8WhhYTBa4kKeeP_50NwAo7GqrTcGsCduLugr08wb-frsRHJD1DsHsW2750c_qr3uqchEp4mMFXHfcY4b1-t44QHHQiT78M0kwYQrtcls9NJKbMKKS6j97uLXtV3WPVfWL-g9LMW72uD0VgUwGA4CWzM7Aip-lZ-jIupJ6bmKbZVKMbs6bslxY6D6uiyUO2TF9oHldXRU_Gz3ZRb9ARuRvci-3qJE5CaQYhWAAAvhHc0pSz-7BYB8tfmiRYCT3PC7DOYMld0bZPXaEB4S0Qr3zZgGvtZO3fhcWelme2baZQG6MHoSeEseVLhIxVeVRWn-sJwzlBt581_mzyTnUSCfS4rHrNP7uQ1KGLwFGqL-NDn6RBqe1ogIVJdq-twGdIxs5JRqIjHAkUsLfDp95WJaXasjnhpjd5GvfQ45qpl-nuJkwpFzjkbglCE0IM5SDkQZtI13iosatERgXAxVZ9R-r2Pq4AC7XqQmfuzeZEM7JNvjtjd-eRjuRvlRiLqgmWcTfvGNXU0enpzPlOog8Z9I3l-Q-JlXrfR0Rr3VnjiJVVR2Pa4_md4BdQymlTW29L4rC2jLuTXmGktQhP_IcQuBBaOlW3aKpQpmvtbfl_o8g9yzIll9yvwFkJ-MQ-zmXabas0IiZGjaGwPSvb9hFphopHF7r1mS1mpzD-yJePPVc2hipsQXzuK7C1DMyUVIqS85dkbE_A75RUaWqtVMIaav8GWk6JZqENRHZHKoNEEUdHHljTbIx14r47jom90a7wzSqA4395SMdqL1_RXT4HduC4enswsq_raYf_4h1WcO70mGx49v5TdlChdVnkYoxOJqBkI7GMPFEpAoT6KPsRJojmiF3fHuIXKlr7b7hXgcFwzDLzyk5MnSKH99XE&sai=AMfl-YQt0PtXyk4-oAKnxTmLKnra7zhvOlI6eZ7UtGA-heTrJqqj_XIvmAQFhqI39GTv7EpY2uA_zjDMw5g6zsp3gyjTDg67_ER1385K_F33APlIWotL6UoaQO88fO_lPZsD6pJq6moQu5B2uD_ssOoGN8czYWoPu4aXKu4hgelqN59DxrsyuCIvuqqYE4zdXNvAw8oSHu2-CJ8aMY5zPhjzHFjTHsOTSlKl3uQRK0oNEJlAPVE3lCTd1sY-4-JNOYb9OoC-Uw8MWpwTbg&sig=Cg0ArKJSzDJOwovItxqcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1721&vt=11&dtpt=1300&dett=3&cstd=411&cisv=r20230426.87337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:41 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 69F4 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 69F4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8734.285985MEDIAIQ/B29714943.365439382;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=3944675604;ord=5sou88;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaHWIAc5LZNy8GqKR7_UPq4iiyAe6p5mjcIK0_-a3Eauq9f0IEAEgytbjH2CV4pCCoAegAYeriJkDyAEJqQLL5yCrq22yPqgDAaoEhwJP0EvKgHJyiZMFrUSgmnuOv0clu0WHvDg0aEC2glcAMDiaG84cjJfexOoLmj6JmS93VOS5XI6LNUo9YM6AFuPvaxf_el-lLPtKJNXh5uXNarXNoTqst1un3l3mqJsj4P3iHn0s8oWb0mocz_I6-8XnTo6vRmp5eZdWW6mPlerhog7jgN5szOZUxn7LTs20_te6f30PcN3owpeMauUoTn_Y4MjjhNIU0wERHcN-BdKixW9s0D6aeyM5KJOHF2IGfifZdSDwd0W-EbrNv8N-CjuqM3Gp-17gBhswUftXqBYbEf0b6oSeXa940EE9lQsf_FfzlaImid1Ld2GJNGNniz8yi057K8GCpsAEnryH65QE4AQDkAYBoAZNgAfh1PdmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATmceRE9ATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE%26sig%3DAOD64_1PKC2mAM8BL9-ad-mwPJO1zKuoWw%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-BxAaZwYAwSl0BBMY73xhVR6fzSk9WSR8f38yKYEJ6OvG2Xe6T5Ul9oN1f5_n3cLx5S6zV4WXXO4Uhl2BBD7zLL7YSP93goRJLt9QQRayaoQdX6qg94XAxyTQ4yFq-puhbhx_rBrYyJBRC5NF3iEMJsiWuk6Nfvnw4lQJ5TUVznPjuCQe0%26cry%3D1%26dbm_d%3DAKAmf-CeTa15yz_flTtyfVM9XUxkd6Y-fwEvukmvmmQO5-KKQxAKchSK4Olj7007aW6jkmdxGfes53AoHTgulq6lng3XHYa-l_Z5kYBIuptrtr76QABWARX0QIyagJ9Ml9SAgbG_AgWNGz4nX_ZhVLv2dLA0dnJO5UTYd5dS2AT8pVMhehScIOLZYn_dR6UYlJmob5Lyc9ufbpaUy8AdYspGAJyrIjGGkD-_GMYTX8G6Co0N8ZDiATKWWFP_rjsZwxkIf3SgCiraZAP9ig46mgI4RWLliQ6n5cVCXfI9nkTSVMwTY0y_gdgGUqvnewqlUiM0YPN9NUpkGvU3XHzP5tQEkzedo-OXCFUXqwrP4G-BFXSxVBChp9qfRT41dyVRn2GPfLPr66lqZp9TmCCz7lFTEJaU1hP9aiL-A9DcIw9mETpJsdiFxwNMf3ZCcrr8Bk8-xYcl06FavlbHjHX90mD1mITo7lVruKBsjbZy6YRjbkLJHbRJGnVbXZnA0Y6mRzmqaj5klznMUygCK57UfN7UQaIE6JCDI7p4NbeyoqdVHCsutxtchl13PUN93_VpV_wCeGiJwZ4KOnDZwQMjwxsmmRS-uyygZZ9rqpaBFGwT35xNoTbDLC9qyxvMpJ_oSeXN4EdmrAeMpNZ2H4qzLxnP4BOcCZs7M62aqGG6Dis0UyGOS1_l84EBgSQ5-3fcAR5dA2RbqeEV%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fhealth.grid.id%2F$0;xdt=1;crlt=1)ffRKHyqL;stc=1;chaa=1;sttr=1010;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
63474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 20:07:47 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 69F4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 14:54:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D01 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvR-xCCxN4Xj_gE_6H6rRqwvNCXPR7HPxTo3gtzQZcFU_eHoVXlK4e8qakX29NllqGdE3eGAbBuFcJpF7b9AMB6cpOwC1Pg1pYUu698Cw36q20EvYpNeMdkQ5C2z0J6qYvyL_S0WIc&sai=AMfl-YQ-vK1P4r1zjU8XafJDI_pcOY77N9pZA-pfH-EbG3IHKYZGiL8aPVn1CnjZuGEvHsBZd2XN9Wp9Ol0lp1rUxjdj9M9QEcNFT0shy9rPtZaiLbZpGTfCaHZPhlBKlOc&sig=Cg0ArKJSzPYaM4ZMN2jPEAE&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&id=lidar2&mcvt=1113&p=50,1340,650,1460&mtos=1113,1113,1113,1113,1113&tos=1113,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2110943486&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538297&rpt=2341&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/sadbundle/14392016886954669725/ Frame F099 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14392016886954669725/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1365
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:58:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 18:18:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E0D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut0f3EVXbfTjFtpZjlwO4MELbu26cMZ2f7_pl8NUpE35y6sNUGnSPupgaOic26og2jw0i3eCHIvmHCXVGgupA36DDD-6PBsnr9FU4aIEFCUo901uxIl-K12ZaplqSECN5sr-VQM3w&sai=AMfl-YSbZ-RGdIeODjwgceEsDEoDmLQ7KF3LF_aZhU4ZAepPyKZZFj-Gb3580dYfBxet30-yJyjfvlHYKjQF9MiQXNCsKBnv_AEpJAj1pW1uMHfMs4-Xsh898W_siFp9b74&sig=Cg0ArKJSzBGKr4vRCZ4gEAE&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&id=lidar2&mcvt=1127&p=50,140,650,260&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=468872212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538292&rpt=2376&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A864 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyR7zqFpq3UgsJ1ozpVH_QdSDUjAD_9MNDGuNoOojkDjOz7M2HH42b4slIUL4Ad06fwjHZYg6lEBPVTlOIBsGS_n8QZ5G0Ss8d6bJzuzDcXd8wlakbchfAAw0BpYyr0zOr5R4HCYo&sai=AMfl-YScb1A1TObr1C4dtBeliyaUpopS2DRav3jCrb0Eve4zkKNU6BfPKJBKpeP5aCjPl1PEXxjGtLk8NRz0lrHHsIgB1N_-fhuvd4B3AxF5O6QB3J_C2wd3KAd2HxUSiQw&sig=Cg0ArKJSzCbWmJbgvpuLEAE&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&id=lidar2&mcvt=1130&p=1110,436,1200,1164&mtos=1130,1130,1130,1130,1130&tos=1130,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1864219677&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538301&rpt=2295&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD84 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dc50ae65428d79405409ef55d627783ee8e7f1c5f668d96a3ad715c2e301e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5674
x-xss-protection
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 2292 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:03:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2292 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efed81850e59d22324b788d67c2df5462c4ac3e5d7fed27e88d7cba5cff754d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5645
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F099 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4da12016c86d20fd4a774424b56b3c0f9d1a3cc108ffef7fa5e875e5ecaab811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5650
x-xss-protection
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame F099 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:03:11 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame BB1D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:03:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BB1D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b170d0f170c8bf15eddb42622363b0a1a6a360f1f480432b600085c102e5e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5770
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 807F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6da06e91c350c7fbf1a9ad3063aebb760df1435cba455ac3a24eadb22942e1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5665
x-xss-protection
0
main.19.8.400.js
static.adsafeprotected.com/ Frame 69F4 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.400.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1009944722&campId=19225653338&pubId=1&chanId=285585637605&placementId=486176248&dealId=&adsafe_par&impId=ABAjH0gkkkh-aRCAVXF9uRErkx-h&bidurl=https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id
9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding
gzip
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3258906
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Mar 2023 18:43:44 GMT
server
AmazonS3
etag
W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
nbONnTG9mQG4pquafh7iCYIoHbhCHBwGAra_3FjM9rk-b_QMlPG5Ug==
truncated
/ Frame 69F4 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c941e4f096905f203b29f9dc2b7563020d0057614a55e8b77d296108819d4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame 9B67 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB45 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6G4GEef9cou7SdFg8Eive2prRBc7FNkNyqiODwWbozXturiS7ZDhOAKjZ4WZfhice-Oj8cXuQyi1KP_kMLDJqGtuZ_EWpsOAf8tU5mOjO5-skV1mdyxACmy6tVexpGH72k7IRyowOczHWm2BkJsjnlIVI-_nov3EWPyycWQeqmNYy9tkFzNSX_Hvdsl0hfkc1-6kIAqV2pY3OGsJoByrNwhQMGUb3LU2mZnSOB1sGCUj8aGC3ClFD5HIaFDKzHn6ETNcUlasoPb7jI6f9cZGA_NSNQzY54-cR2UC_yEx7JpA4EUb4WIzfdOwoVHtBYvE&sai=AMfl-YScYESeS394iH7lkHXsBu8MDai-S28DjAfcFxU-qZglTuLwkHXcejMNThDpHRIaiiAyh9HXs-mvbq4ZihyxR1vmVztf9fDr_hY9C6rzPjhrBdDemsWgKdb_x4ibDq4kWg&sig=Cg0ArKJSzBT8E4m9zpiVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:42 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame 09C7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FD84 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:27 GMT
x-content-type-options
nosniff
age
794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:27 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FD84 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:38:28 GMT
x-content-type-options
nosniff
age
433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:53:28 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FD84 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:42:46 GMT
x-content-type-options
nosniff
age
68576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 18:42:46 GMT
60005582_20230404070406340_Galaxy-S23-Ultra_Watch_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FD84 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070406340_Galaxy-S23-Ultra_Watch_ASSET.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
710ebb15f3d7258f83f9e78c844eb86dbb07b13082221088facf88e226bac76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:13:50 GMT
x-content-type-options
nosniff
age
63112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41046
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:04:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 20:13:50 GMT
60005582_20230404070358362_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FD84 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070358362_728x090_LOOK-01.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4575cd804079f0ad8613aca964acb76cac9b7988ec2c04da952f0d5d35b224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:46:40 GMT
x-content-type-options
nosniff
age
79142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25534
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:03:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 15:46:40 GMT
60005582_20230404070402152_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FD84 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070402152_728x090_LOOK-02.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb60999591ee6ddedf020d92888094d31ac04cc90199ec3c42913993161f7835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:21:57 GMT
x-content-type-options
nosniff
age
59025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28281
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:04:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 21:21:57 GMT
postview.gif
portal.o2online.de/nws/img/ Frame FD84 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29497702_4307561_361897710_145341330_PO1603A20230406&ref=29497702_4307561_361897710_145341330_PO1603A20230406
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:42 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
680651
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
40418697
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7befbf462b6368f7-FRA
Expires
Sat, 27 Apr 2024 13:45:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A4B 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0bdc7f12f47654c38b92d4f4884b6ee9fde6d105937de91e2257a4ae3a606b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5778
x-xss-protection
0
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame D6EE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3A4B 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:27 GMT
x-content-type-options
nosniff
age
795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:27 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3A4B 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:38:28 GMT
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:53:28 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3A4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:42:46 GMT
x-content-type-options
nosniff
age
68576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 18:42:46 GMT
60005582_20230404070406340_Galaxy-S23-Ultra_Watch_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3A4B 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070406340_Galaxy-S23-Ultra_Watch_ASSET.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
710ebb15f3d7258f83f9e78c844eb86dbb07b13082221088facf88e226bac76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:13:50 GMT
x-content-type-options
nosniff
age
63112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41046
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:04:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 20:13:50 GMT
60005582_20230404070321191_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3A4B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070321191_300x250_LOOK-01.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8b88a3b6eb14c181238be3395fca76a967c1918f918eed36e0f03c4e9962b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:34:19 GMT
x-content-type-options
nosniff
age
58283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22831
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:03:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 21:34:19 GMT
60005582_20230404070325082_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3A4B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230404070325082_300x250_LOOK-02.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
834a0cd8c915782180b7726c1531fe05e02e2ae5c6243ed0da865011abe93778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:00:56 GMT
x-content-type-options
nosniff
age
42286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27100
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:03:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 02:00:56 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 3A4B 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29497702_4307561_361898001_145340772_PO1601A20230406&ref=29497702_4307561_361898001_145340772_PO1601A20230406
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:42 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
1353976
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
20915251
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7befbf462af31965-FRA
Expires
Sat, 27 Apr 2024 13:45:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D82F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2986eb25c1bb5d3076c2efc2970a0443e343e833506ec246b3f3938fb12b338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5895
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD84 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FD84 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQDayDZBEN&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:22 GMT
x-content-type-options
nosniff
age
620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:22 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame B751 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame C359 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 807F 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:27 GMT
x-content-type-options
nosniff
age
795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:27 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 807F 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:38:28 GMT
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:53:28 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 807F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:42:46 GMT
x-content-type-options
nosniff
age
68576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 18:42:46 GMT
60005582_20230413245524012_160x600_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 807F 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413245524012_160x600_LOOK-01.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f28d9f6129b9735f17cd2cf2a6bd6951ab9383e5487b54b05fc57ab3a679bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:13:39 GMT
x-content-type-options
nosniff
age
12723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46294
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 10:13:39 GMT
60005582_20230413242957849_160x600_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 807F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413242957849_160x600_LOOK-02.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06373c7982d2ec1613c29e5f4954c2479158e9bcbffc39e0ce0b09c7c9e9939a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 06:50:00 GMT
x-content-type-options
nosniff
age
24942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43603
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:29:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 06:50:00 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 807F 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29115794_4307561_355029085_145341318_HSP0202A20230413&ref=29115794_4307561_355029085_145341318_HSP0202A20230413
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:42 GMT
via
1.1 varnish-live-1-2
CF-Cache-Status
HIT
age
5160019
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 15 Feb 2023 15:39:24 GMT
Server
cloudflare
etag
"2b-5f4bee2778300"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
70731589
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7befbf4649192bd1-FRA
Expires
Sat, 27 Apr 2024 13:45:42 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame 1D23 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 807F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
pagead2.googlesyndication.com/bg/ Frame CFC8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
148695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14021
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:27:27 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame D82F 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:27 GMT
x-content-type-options
nosniff
age
795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:27 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame D82F 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:38:28 GMT
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:53:28 GMT
60005582_20230403060819209_APP_iPhone-14-Plus_gelb.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D82F 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403060819209_APP_iPhone-14-Plus_gelb.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf509ac01688349b5a00186efb450b2b914a5c14816422de1bb3ba6b32393c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:25:19 GMT
x-content-type-options
nosniff
age
12023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166095
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 13:08:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 10:25:19 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D82F 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:13:01 GMT
x-content-type-options
nosniff
age
66761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 19:13:01 GMT
postview.gif
portal.o2online.de/nws/img/ Frame D82F 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29497702_4307561_361897710_145341330_PO1303A20230405&ref=29497702_4307561_361897710_145341330_PO1303A20230405
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:42 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
1353976
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
20915251
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7befbf465b221965-FRA
Expires
Sat, 27 Apr 2024 13:45:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69F4 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 13:45:42 GMT
index.html
s0.2mdn.net/sadbundle/13211610045818601472/ Frame E16A 		2 KB
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291cd06397b3e78a6c3cdd0b05344064f95d7bb1fda4fad8703412a29cbad4f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
727
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:42 GMT
expires
Sat, 27 Apr 2024 13:45:42 GMT
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 69F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSFk6UbuHCVkndpJYefZt2EUS9GhgDjXOfyG4re4PgOFF7XMV3W9zlBZx-qiABax6dBIQQbNtdDWtYx1Snkh9ynmFyzZJ7pECsx-8moimFo7U15YhRSEC8BAQgLfYp6fDSg9IHu67mJHOYnlwdndntW2zQXjwsdHBM&sai=AMfl-YQLnBei1hE7S64_t-kJiibsvsjiuA9h0pLsqaESup6Kd8bmm3ABJtyQs8G1XM81r3IDIq_C3cXvDOVTpVGNHSiMrh9B54P9CbJMtA&sig=Cg0ArKJSzF4nY9OpUXfQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=395&cbvp=1&cstd=388&cisv=r20230426.92613&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:42 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 16AA 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2292 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
evt
lm.serving-sys.com/lm/ Frame CC52 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.242.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-95.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
evt
lm.serving-sys.com/lm/ Frame CC52 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.242.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-95.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ Frame CC52 		24 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=1650230220162450750&ai=1090198457&usercookie=u2=88821098-c8bf-4ab2-a372-37259997999f&oo=0&clsrc=2&clbv=_2_234_3_0&gdprpurposes=1023&dg=1077795959&sdg=1078908226&ctick=1023&ord=0.4313393310795868
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.62.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-62-215.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
private
access-control-allow-credentials
true
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame CC52 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1090198457~~0~~1077795959~~1650230220162450750%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~1029$$&usercookie=u2=88821098-c8bf-4ab2-a372-37259997999f&rnd=0.5060071487109308&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.62.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-62-215.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BB1D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3A4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
config.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 6EA4 		11 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/config.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
last-modified
Thu, 07 Mar 2019 15:26:57 GMT
server
etag
"f4d9c833fad4d41:0"
x-powered-by
ARR/2.5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
45
expires
Mon, 31 Dec 2035 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D82F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 3A4B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=ycAuVGODBi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:22 GMT
x-content-type-options
nosniff
age
620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:22 GMT
8a3365b6-efa2-4b2e-87f3-5a5cca2a4b4d
https://ads.grid.id/ Frame 7AA7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ads.grid.id/8a3365b6-efa2-4b2e-87f3-5a5cca2a4b4d
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/OSM/osm-desktop-grid.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
08f4a34b-02cb-407e-9cf8-9401c1307b2c
https://ads.grid.id/ Frame 7AA7 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ads.grid.id/08f4a34b-02cb-407e-9cf8-9401c1307b2c
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/OSM/osm-desktop-grid.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 7AA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmaOvV_wRnOl2HeMhNcuPa2AsQNTasxMX8orPwiLn8J6r2heogyWBZnSvxHm8KG9Ktx-hgQZ2B3BAT7yRraLeUcaOz60dg3DOf5uz9Fhg27ZgbPay-9i-C_SD-hIC5rPljvoaDN6nph4R5iQ_yCy6JJpQNwAN3I3yZ7nDdOQGAoVjzxq5aIi3lV7DdUWgOWjLKpeS0VLiGta-SKWfEVfE8ZbsRugm8Timo_J5OAkjv2vAimRjD5djQVBh0bVz3xKLmDVY0GG7PtNb-xgSaXj0MlL341RMYu42D-EYdFLISiY_ySWXONLVU9m_fSrS5OFxHBA&sai=AMfl-YSlb5vHJ-G-lNiRklBw0_BYbd6queCVYgdpPHaFzngqNPJA_sna-yjs9tVp_wgwbUtJI4BpGB1LyrDK0r6lAGLJBLjZgWAU0b0hV7ad2S0YFWuNLanXeBe5kP6iAg&sig=Cg0ArKJSzFItHmGcSYPrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A3B 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5941e5da6edbba1dc96d93b85dff34f56211ce2404b0f669ef2cece527903176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11239
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F4FC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
486271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 22:41:11 GMT
expires
Sun, 21 Apr 2024 22:41:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 2292 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:32 GMT
x-content-type-options
nosniff
age
790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:32 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 2292 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:01 GMT
x-content-type-options
nosniff
age
641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:01 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame BB1D 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:32 GMT
x-content-type-options
nosniff
age
790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:32 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame BB1D 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:01 GMT
x-content-type-options
nosniff
age
641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:01 GMT
style.css
s0.2mdn.net/sadbundle/13211610045818601472/css/ Frame E16A 		711 B
362 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c8c6f2fd0a6e255531807e2254e793e8c4f00f2c190c40ef16da7245f71c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
325
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:05:09 GMT
Enabler_01_241.js
s0.2mdn.net/879366/ Frame E16A 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_241.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 04:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37392
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:33:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 04:53:27 GMT
rScript.min.js
s0.2mdn.net/sadbundle/13211610045818601472/js/ Frame E16A 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/js/rScript.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450bb42a171b7c0390732992ce3ef6d6da422c0409d5fc91ebe3cf87b875ec9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4238
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Apr 2024 10:22:05 GMT
rsBanner.js
s0.2mdn.net/sadbundle/13211610045818601472/js/ Frame E16A 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/js/rsBanner.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b2f326caa647b2721ad01e623d12b367d7656fd87b852a13d60d9b230ffa946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 15:42:39 GMT
t2.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/t2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0342a245f656bd0d1a3abe1668ef9b557f0e74990bc87952478deb7212a19f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Apr 2024 13:45:43 GMT
bg.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		117 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c03ab77d714ccf8fc6539dc5c1e6656063086ea62a9052df4304d261c8e88c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Apr 2024 13:45:43 GMT
t1.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/t1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6e4e5372b8b03f98e8461f9bd5ad748daea5666b3d9c60e2cee3becc42982e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:57:13 GMT
x-content-type-options
nosniff
age
510510
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2217
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 15:57:13 GMT
logo.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78f21e3dc1aade746a339f6dfc049ab5f9465fb004527513d0fd1468523a94b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 23:06:31 GMT
x-content-type-options
nosniff
age
484752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10664
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 23:06:31 GMT
stoerer_bg.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/stoerer_bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c761f6efb7b0c29ae522ae9551dfb2cf89102816bff0981561ad0fea477d59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:05:09 GMT
x-content-type-options
nosniff
age
492034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3625
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:05:09 GMT
stoerer.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0c34b2e1fd7ea13986f74928619cf3cfb44695216db0df70c7db87e7db6a923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 23:06:31 GMT
x-content-type-options
nosniff
age
484752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4832
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 23:06:31 GMT
cta.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		807 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa0a88c51b8cea7025715b8adba139f47a8c9ca198e390ac108b7b05d7bc1606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:06:27 GMT
x-content-type-options
nosniff
age
545956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
807
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:06:27 GMT
arrow.png
s0.2mdn.net/sadbundle/13211610045818601472/img/ Frame E16A 		479 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13211610045818601472/img/arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41a5bbe4a497fcb545737366bf0bf06ce06029d7d59c72081e723c88992b1dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 20:57:55 GMT
x-content-type-options
nosniff
age
319668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 10:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Apr 2024 20:57:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4CF4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=127114
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 28 Apr 2023 13:45:42 GMT
expires
Sun, 30 Apr 2023 01:04:16 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 807F 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=YTwkwBUv92&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:22 GMT
x-content-type-options
nosniff
age
620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:22 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame D82F 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=bJmC0o8rBo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:22 GMT
x-content-type-options
nosniff
age
620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:22 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 52B5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:42 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7900 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
18914967
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ezKPmxvIsr3AEBb6LOGpx8EgVmymch2izYh7gwjHQAaRZJW9M27J8g==
mon
pixel.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=1009944722&campId=19225653338&pubId=1&chanId=285585637605&placementId=486176248&dealId=&adsafe_par&impId=ABAjH0gkkkh-aRCAVXF9uRErkx-h&bidurl=https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&adsafe_url=https%3A%2F%2Fhealth.grid.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fhealth.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e46baef7-9c0c-8267-3476-38b3f5a1bf2a,c:b5tn4e,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-d5w2q,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1116,mot:0,app:0,maw:0,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1150,oid:f5b83d4a-e5ca-11ed-a473-e65cad2efce6,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.248.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 077F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FBF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6334816612877&version=m202301230201&ct=76&x=1&cor=11531820878333293000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame F099 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:32:32 GMT
x-content-type-options
nosniff
age
791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:47:32 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame F099 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:35:01 GMT
x-content-type-options
nosniff
age
642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 13:50:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A864 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8224572732818&version=m202301230201&ct=76&x=1&cor=13957174342427460000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6078453528036&version=m202301230201&ct=76&x=1&cor=1328212885567866600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 9312 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame DE98 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame D032 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 444B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4CF4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48270492&p=158361&s=845643&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
125c9212ccbe3d3cea506b8636b45bebb83dc30ee662c4f3386b9a026c83843d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 13:45:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 69F4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHZOcXgiCxCK0ZYu7NONDYtfakEJB0UFefJktyBuQSyCLVUuUioE0B7cr7jo928UeTbk7baRtuqTANTiOQqRJF6zIT1hQKVbuTUPv4taJgGX_q3EvyRE2yLdRrti6XS3wRZEfd4jw&sai=AMfl-YSP35y7N3P3e2yC9blDpswuNlnA2CucKwTa6zGji8KfA-qSKZ30pzYQKPkEBzsK5LombZrAFf5F9OsMGeZwWtrtzKTbry2QvuJGgTR4eSB1-9d-_oefHnEu9ICqT14&sig=Cg0ArKJSzM_a7mRGuVgHEAE&cid=CAQSPgBygQiDUlNoDmiLHMlwt9yyLtOiuIXHhckR3kszqYXLuzW2pX7TXL5lCoXZ0EN60ZCqCyBpgvZLQ6jmlOENGAE&id=lidar2&mcvt=1352&p=623,1035,1223,1335&mtos=0,1352,1352,1352,1352&tos=0,1352,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1023819641&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538234&rpt=3659&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6050 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4753489576038&version=m202301230201&ct=76&x=1&cor=15021870031130157000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D01 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5071910773583&version=m202301230201&ct=76&x=1&cor=4731035321920342000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tn9x,pingTime:-3,time:1478,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1148%7D,%7Bpiv:96,vs:i,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1478,o:0,n:1477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1148,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B357~1%5D,as:%5B357~300.600%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:96,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~75%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150%7D&br=c
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tn9z,pingTime:-6,time:1480,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1480,o:0,n:1477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1148,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B357~1%5D,as:%5B357~300.600%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:96,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~75%5D,as:%5B3~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150%7D&tpiLookup=ao:health.grid.id*&br=c
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8925503433284&version=m202301230201&ct=76&x=1&cor=18147356951416574000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame FD7B 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18646
content-encoding
gzip
content-length
14445
content-type
text/html
date
Fri, 28 Apr 2023 13:45:43 GMT
expires
Fri, 28 Apr 2023 18:56:29 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 16AA 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18646
accept-ranges
bytes
content-length
14445
expires
Fri, 28 Apr 2023 18:56:29 GMT
03032023-031652466-1940_500_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame 2292 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031652466-1940_500_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
628cf6bc266d3cc7e59d5b57747056cd10668b177cf3c618639615f81e8d546f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:32:07 GMT
x-content-type-options
nosniff
age
11616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138409
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 10:32:07 GMT
03032023-031528912-1940_500_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 2292 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528912-1940_500_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d7977e2cd1894f6a5c47f3684f6560e695fcf2b5d43ee4a729450bc0bdea5b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 22:24:28 GMT
x-content-type-options
nosniff
age
55275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138759
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 22:24:28 GMT
03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame BB1D 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52a417038a5a7907e179364f9881d09ed77a4988bb1496a14e92fc44a5045e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:02:27 GMT
x-content-type-options
nosniff
age
2596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179572
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:18:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 13:02:27 GMT
03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame BB1D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a479a1eb88efd21efcc7384ecb8c93d466da0c6021c87e3169e25164e3bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:29:05 GMT
x-content-type-options
nosniff
age
80198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38534
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 15:29:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F099 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 13:45:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E0D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR0FTlJ9GNkY0IYORbdM0q86OKNDEpuCNz2yWkJXSKcuC0xEHMk4Zx6y-oIeNKeryhguMVEHEbctdxlTieI4xE5h4iofLNh4KkKdODEZzdKLV21ZA70ns5kKXrdIuRjKAm-HSSG9kvA4oASC1_luEbUHc-kS1NiXS53C4Bu7RnXMH-DEwvNbeL9TgWpOYSkNykwhIMZLdxuRCU4silHA6JcgwtWyYz5xI0VGOJGI_z27q-DHzf2RFouIWhx_bZ1Ig7iNcWSXAz6N-HwwTUzVNmf3ZoU1JKJ5DMbSD6wEILmU8BQxzVN4TpcTeI699-mTC_1hIGjiF3AsP39khmNfGQRqsDukWbyE9F6YHOPbFTq2jUt9B8HLMYli1JdXhtm-x0uASWgV9Atn69EzV8haWuen87VtLsc8desRTkLAvqK1h5Lv7wM7m0j9e0x78sUjW12NRYfu2utCTP_OW6rJQhIZabJAs_RVt3r2vVjb9Jzup8i8OnnSpCglBS8TXTZSFkT3dYYq0HNDqnqp_UJfjImEziHrYuPLlzJDhuoANpQs-Xf_2WnRX1x3XQoAy7ZGGpv0aoPvejRKGOEPoP5mvcRiqRG-iDpij10608Qr48eYScnBi5lP3Lls1IP-DZYks55gRm3ao17BBGJ6Kt_lu9WijNcW3s3DNQ5visXjKLN3vv2k4LlXcseHyVyfbB5JBdG-ngSdscH3R7CNoBRPM74SgmWuxrFY4UHN4uKz_E-MlS7NiymXJAB3hMiHHz0tgEPRbu7r_RWqeaiNkeuG35VYTdiVn9y6mLy84yFH1aJrFvqeT4v6qlCqKyBD0drVnR2YYZeFF27vsHM49Lac7iQoWj245QQi6I1qc_T5UMSRnnOGMFKlYkfgP56CYpL58REnthb1kNB7co602AfiapWMr0rcho2EfFczLfzAh9uJksh-2AIzOOq7KEwkMFgcYyCyX55A0ETdKFnVNKfOP30q8RoUAEO80I8FB6Glx9JRJEayOiEo1vxBhbcwjP_h9oFpGvGvX33nK3uSfp9CkkJ4iWOWfVzhHdbeVCyhM0xNUXAs_DvL_aUmiJ1rqU6tzFt7hQrA_Ohtw9Be4CAv2YIcXMyTqgnGEk-feHqrOqRccxAjSAl11BoFqC96VhP1w4zHm8Ejfsac-E1_gtELz2jbnzWyS4QKxQPVGElzpxUsiZFORsSei2qJ41gHGgSH0fzjChZeOe7HnRYZ5e8SoHHrSQEQmlobJSROloK7dcsKEfaEu8pfe_tforfg49xqQww1yz60C00Clb13jK76xTbeK8Sw3PnkM&sai=AMfl-YRYPBjPt7OC2wHu2G1yd2NZZPQ5so9hMBmvLm7uXve9xeupphOI-JfByQnkYwOwhRktVXzhmPOTpbe8bkUNVYhBfkWHdtTpi9JQu9djXHfklMPQgRNj66uiPoV4k4um5o5TBOPQ45ugv7uF0_IS3X5P_dx438PlcMDZd-iy6BEW_2y_fau2gSk3FtlmMl4aM-34zAWks7K7gKrffqLAwT1xbPSV88j6xAwszl4L_jQa77lifWezMbWRpLm-xAz5uo-j4ym0jbj9Pw&sig=Cg0ArKJSzIiD0tRcIlbDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3445&vt=11&dtpt=3015&dett=3&cstd=425&cisv=r20230426.98685&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:43 GMT
ebLoader.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/core/client/ Frame 6EA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/core/client/ebLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
75f73129bc477032125b5235e71e2e9e66bf87fb2eda4aad151ba9798e13627c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 22:47:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"bfb2430a9a418e99bd22d2ed4e3ef42d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
KS7QwGZcON5cLMVLZWxNY2NA4TxK7o2hBeGvsKeypesN6QJ0FMc4rg==
content-length
1203
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC52 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5434370634661&version=m202301230201&ct=77&x=1&cor=2213676487666267600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tndb,pingTime:-2,time:1704,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:3636,beZ:3637,mfA:4751,cmA:4753,inA:4753,inZ:4759,prA:4759,prZ:4775,si:4785,poA:4786,poZ:4810,cmZ:4810,mfZ:4810,loA:5115,loZ:5121,ltA:5339,ltZ:5339,mdA:3638,mdZ:3714,idA:4811,idZ:4851%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1148%7D,%7Bpiv:96,vs:i,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1704,o:0,n:1477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1148,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B357~1%5D,as:%5B357~300.600%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:96,obst:0,th:0,reas:,bkn:%7Bpiv:%5B227~75%5D,as:%5B227~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sinceFw:553,readyFired:true%7D&br=c
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
D_Z8l7FXua56lMjcnRNtasCxfKkn9I_Va0VbSjt1CoE.js
pagead2.googlesyndication.com/bg/ Frame F4FC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D_Z8l7FXua56lMjcnRNtasCxfKkn9I_Va0VbSjt1CoE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ff67c97b157b9ae7a94c8dc9d136d6ac0b17ca927f48fd56b455b4a3b750a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:40:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
147917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14292
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:40:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 001C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 11:55:31 GMT
expires
Sat, 27 Apr 2024 11:55:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5C3B 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25395ce3e854ac28b091b423bf41e3b42e862e4af130167b78171da98366f216
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_-Q745Ms-semoldLW-QugQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-_-Q745Ms-semoldLW-QugQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 28 Apr 2023 13:45:43 GMT
expires
Fri, 28 Apr 2023 13:45:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame F099 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52a417038a5a7907e179364f9881d09ed77a4988bb1496a14e92fc44a5045e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:02:27 GMT
x-content-type-options
nosniff
age
2596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179572
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:18:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 13:02:27 GMT
03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame F099 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a479a1eb88efd21efcc7384ecb8c93d466da0c6021c87e3169e25164e3bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:29:05 GMT
x-content-type-options
nosniff
age
80198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38534
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 15:29:05 GMT
file.mp4
r2---sn-5hne6ns6.c.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/acao,expire,id,ip,ipb... Frame E16A
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/id,itag,source,ratebypass,m...
  • https://r2---sn-5hne6ns6.c.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/acao,expire,i...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hne6ns6.c.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/7DE966EB46B58CEAD3BA1A6F39F6F20E42284890.0148344A72CC1F7BFCE5E7B3986941019FD348CE/key/cms1/cms_redirect/yes/mh/KK/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hne6ns6/ms/onc/mt/1682689267/mv/m/mvi/2/pl/48/file/file.mp4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
Protocol
HTTP/1.1
Server
2a00:1450:400e:3::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a8c8f5a5eaa5ed1212829b96a844ab27a112d067399b838a98e61a676d24d5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 13:45:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Aug 2019 09:18:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1514936/1514937
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1514937
Expires
Fri, 28 Apr 2023 13:45:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:43 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-5hne6ns6.c.2mdn.net/videoplayback/id/86eae4856855a307/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3725194322/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/7DE966EB46B58CEAD3BA1A6F39F6F20E42284890.0148344A72CC1F7BFCE5E7B3986941019FD348CE/key/cms1/cms_redirect/yes/mh/KK/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hne6ns6/ms/onc/mt/1682689267/mv/m/mvi/2/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
681
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031652466-1940_500_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame 2292 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031652466-1940_500_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
628cf6bc266d3cc7e59d5b57747056cd10668b177cf3c618639615f81e8d546f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:32:07 GMT
x-content-type-options
nosniff
age
11616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138409
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 10:32:07 GMT
03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame BB1D 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52a417038a5a7907e179364f9881d09ed77a4988bb1496a14e92fc44a5045e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:02:27 GMT
x-content-type-options
nosniff
age
2596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179572
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:18:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 13:02:27 GMT
match
c1.adform.net/serving/cookie/ Frame 13AA 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 28 Apr 2023 13:45:43 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D58C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZEvOCAAAAIAhzQBL&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZEvOCAAAAIAhzQBL&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Apr 2023 13:45:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 28 Apr 2023 13:45:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZEvOCAAAAIAhzQBL&gdpr=1&gdpr_consent=&_test=ZEvOCAAAAIAhzQBL
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230135-FRA
x-timer
S1682689544.106260,VS0,VE0
cm
ipac.ctnsnet.com/int/ Frame 2213 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 28 Apr 2023 13:45:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
s.tribalfusion.com/z/ Frame 37E0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7befbf531de93838-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7befbf51fc3d3838-FRA
content-type
text/html
date
Fri, 28 Apr 2023 13:45:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
117
cookiesync
core.iprom.net/ Frame 13D8 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 28 Apr 2023 13:45:44 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-ed2a33dc9699@version_1.550v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame C9D2
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Apr 2023 13:45:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 28 Apr 2023 13:45:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
bridge
cm.adgrx.com/ Frame B093 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 28 Apr 2023 13:45:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
Pug
simage2.pubmatic.com/AdServer/ Frame D7C8
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
42 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 13:45:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 3FBE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1682689543998
  • https://ad.turn.com/r/cs?pid=45&rndcb=4407900508
  • https://sync.1rx.io/usersync/turn/9087829175746998613?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Fri, 28 Apr 2023 13:45:44 GMT
etag
RXc6cf92b594804d74b81d15ff4e85b1f0003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
green.erne.co/pubmatic/ Frame 5304 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 7ACD
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=11vkjsanzv4s
42 B
311 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=11vkjsanzv4s
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Fri, 28 Apr 2023 13:45:44 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=11vkjsanzv4s
lws
224
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pub
matching.truffle.bid/sync/ Frame 029C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 28 Apr 2023 13:45:43 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 33EA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DF31C5C881104EA6AF30C730DE515B7C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DF31C5C881104EA6AF30C730DE515B7C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 28 Apr 2023 13:45:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 28 Apr 2023 13:45:43 GMT
expires
Thu, 27 Apr 2023 13:45:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DF31C5C881104EA6AF30C730DE515B7C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 4CF4 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7befbf51db7903ac-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 4CF4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Server
77.243.51.121 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:56 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:56 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4CF4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=92fd7994ac04986c
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52efd2444552&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAjYVDUPZwp1jUNVCjHuSEc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52e...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAjYVDUPZwp1jUNVCjHuSEc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52efd2444552&zcluid=92fd7994ac04986c&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7befbf5709be03ac-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAjYVDUPZwp1jUNVCjHuSEc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f46a3335-83bc-4427-4d0a-ddb80a34f94c&reqId=1c591f7c-b96f-4e4e-529d-52efd2444552&zcluid=92fd7994ac04986c&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4CF4
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8abdb40c-b837-40dd-9aad-8891c4bd778f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8abdb40c-b837-40dd-9aad-8891c4bd778f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 28 Apr 2023 13:45:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8abdb40c-b837-40dd-9aad-8891c4bd778f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 28 Apr 2023 13:45:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
EBLoader.js
secure-ds.serving-sys.com/BurstingScript/ Frame 6EA4 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
content-encoding
gzip
x-amz-request-id
DXFGJ8FNXW8TA2WS
x-amz-cf-pop
EWR52-C1
content-length
3615
x-amz-id-2
cPi29FJX884FrbRZa6nT0pR/3/3CqmmsrmgDs3vVOZFWXLzF9r9j0wEovGe9ane7WWUoobxyS5c=
pragma
no-cache
last-modified
Tue, 20 Dec 2022 17:29:03 GMT
server
AmazonS3
etag
"b92fa833b298e9df5fa8ee69009adb9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
Btrnee-tfchdcYZTgr_uwHDFV4nNPXEWRZCwXISCHXh7KWOsIiVo8w==
expires
Fri, 28 Apr 2023 13:45:44 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame F923 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 16AA 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&cb=1682689543396&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fhealth.grid.id%252Fread%252F352900082%252Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-4-28%2013:45:44&ranreq=0.8140973007435375&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
95a0fc5aeb03b41aa42d828b67bf36b8fc011e110c307c7d9697b478a1cf246b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://health.grid.id
content-type
application/xml; charset=utf-8
x-vdbg
0:16514/243:0
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame F099 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031803007-240_1200_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52a417038a5a7907e179364f9881d09ed77a4988bb1496a14e92fc44a5045e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:02:27 GMT
x-content-type-options
nosniff
age
2597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179572
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:18:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 13:02:27 GMT
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tnrW,pingTime:1,time:2619,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1148%7D,%7Bpiv:96,vs:i,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2619,o:0,n:1477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1148,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B357~1%5D,as:%5B357~300.600%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:96,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1142~75%5D,as:%5B1142~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:447,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1705%7D&br=c
Requested by
Host: d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
URL: https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
showad.js
ads.pubmatic.com/AdServer/js/ Frame 10FE 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://health.grid.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18645
content-encoding
gzip
content-length
14445
content-type
text/html
date
Fri, 28 Apr 2023 13:45:44 GMT
expires
Fri, 28 Apr 2023 18:56:29 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vast
bid.g.doubleclick.net/dbm/ Frame 16AA 		37 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CZFiPvCiG0BaI0xd3QUOy_8vrpUxKZG7R6EgA2Rnum3pWSgVSp7twsy1ES_q1nP-YfNma1MhKJnjTjE2ZIGuvkTV-uVQ&dbm_d=AKAmf-BNl-VukEeUP1RIq1iOGODxN4C-T1Ygm-Tr5Q6JqIc7JjlLYcXYFkw5DX6X_PnhNHYJPjjx5LS3t-_hUdzehKYAOho6uKm2Iebuh_g0tZr6Mvh_omfi4ab_U9Q-rvw_OIqieSztGPeoN0SVbatZFmk1ADiVl13rhTrSvfyA8TmLX2ZeN8-jZGNq0QgzyiVGfm3NCnbybLl1awqqRjCOxBRUo5kbBwXDjI_MRdC2CNNYY-0XU70V--jcoJWl4d_CQFJpHFq9qfDXDGYGCzoux6TxiDcSjlZuE4rTONTQjcm2qlkR6kLxy5n9Dn-Mq7C95REzMgNxl3eLcsKYElFQIwf8ycMychEqY1_xJAgFc_Ke2p0f2AJsKo56T_34iE1p6JrDeqXQ2PE1KuiNKsYRIyHvOTIjna-wTzTgInmXRL7MCPxMQEQ_jrIqZWF7aygyRuNkSghSPHf7xRwXBOgaNTDbIhddK-Z0_sKuMix-hQTQIOKeW9_rVKczCdg0ehV9mslr4MGnAA7nzhBXG9n7AQsJtcMoRQMHwwqmnBMs00Q2pvOxYk2D8ZBZWhcZoA2dqg_onaTXECllECBF1Q2c8Bh4b-L1LQwkzML0EFF65i9K6dqwpNOtE7alqQhZ1cC6LPBq69xkpCgEYgbDb-7IrzT5l7N7avYSd8npnwS0aHCLpEdtm8bkiYNNwHW2wQeT_7HuNEbhg6DORolO47cP4cC8vd-cpONkVHKLJ6rBwH8S0VTLkl1oKcKDDsA2SOYADusPrD0orp8KZpklL0_UPD4fGMDCnPNyVZ5q8UYK2MxayLUJbc1yh_oPhmcQLXJM-_EPN1EaV2Kt-sE05Kz8IWP1Sk9z-04BBfu9I71mkTeby9yQd1rZXvDJSl-x9PROhgQiVpSatyJ3hq-LIjuVyb1wT3vAVwkBlSvFAoSYYsBN8YDQF-Ah25jDdmGcSkXy4pb0QWghnpXuHZucODHhbsYVI2RFqE2m43x1HhVNNE8ewDnIz7wHnNT9tLNfVJUV9coBgy3ac3SzuRCCZRpBh638HELcW2JTar1S_2_eFrFJHDRwj5uvnW-m-D8BMJSb0FW9bwSz5AJ3pEC2CAqnof13j0gwIPpf5sJdmvEIsoxBI1hA-xGcWZ8JWV5kvM23ZoOY9EN2m7J9vazYWfdde0_mYIjZusK6kuJkMCLX2yTj9LM894iQY7qDI2Zq33jxHdz8Qmnrneu7idy8aIVBomhEqIeomQLvqOKvXla7Y8q14JGmD7NdH8IAwR2T9JQ-L714WJirWNRBg9NSNwInDdsQ-aXa1mO-aOwiNKcGdMdEA2fFOQ8SRD0ECQu4vUxy8xBMpZdg_pNsOzyFy_ufwJJfJQ6987PPkv2l6jPjmMDRlvdWVCT1TrNEDEi-0B49obyxFMj3U460mXDpwdDQBVnXs-WsHA73pKP7ONL-vPui08-nAzCthzaGvvcSmatCxIixnUjoXJ9CjNHULzGEo8WvnlU8ZrD81INqj8lDZzV-OSGJ863Xc4ZCQQhijmXl7JkS-KjFfJkHvtui2CH1XqPU84smFwxGZ6vFS2APFsM6xFPuJIbygmwQHl-uVXM6GF7ROGXQjhcqvgIaQMV70p829Rk1dx-w4uQzewc7Q8DNQ0HhNGAZW2-qz7YCa1d2jLx_1x7yqmkptj1gPI0hCFLLC-lNNEVyarW9Sdfg_M80yfJLn39ZkfVCSL5Dc-n0bya36nqLvYeqZuqaBVr-y29Z_M5ApOJtq9Ii7iKR9OKokXsdhrJ7TKfJezHViE-4ycGExjkh3Q4jL07bN0rMQiUJONUXtXiG71iSMmchzWqhRaOor1EPV-FG-TJXmmrDXPnwAmFMGPQxfUq2h33FelkHZ-1U-BGLMzT_xKZn28w_7AGYh6sE6QyT2vmiuCZ_IHc5-29Vx-0sCXv-7LkSYk9VSn2O5mEXG8jj67UpqevBIHKugGMLdh9NUY9VgqtQPV9rVjh11yDtmngFuegpsc2Gmky1GuBW1TWjNNIHLlpOGlAT5UIYYEI6RzXlouc4f0l5s_SYlycu4S8fIrVgz8aKiVpveSoCSi_3NyDMhQXKkMYjuup6pekVkVqAYGQ5KG4DfTZHdLsV8ry2iwGF4kto47Zw7iE7cyhLCbs_-_RoNnZSn2X1ZszONKjazArtuFg3XteRVG0fOagerzfuNuQOuhlfidIqNBZEQQ1uPhPpJc7CC4aqY-4y-NERaRtLVJYhreGIBpi57aEBRYaz65jGytUjMOAyFunrN3AmHXoVKN4fQ4At3W7IvbW6yPIxdN92Pdauf953cbHfMfMt21S0zEczNNuMjya374bnUtPPJ-qLdim4V7PAF4yiY-CariVePurkFVAIVjTXiF9CzmyH2rzOtxiP7M13OA8YGT92hn4SuxkTS3dqZ9jYGt031yjpB4g1enuqVoYngZvaXcDbSwv5F_CXyFFXkOufQFLWNUUPO7aCzNDUxITthqFl0aYZ-_MtXw1CtUTSL97eGsg5MFFrsC9fDgbG-vxzUL9UFXGJ051ZRFXe1FK4GujusI0mFjmFRR5jmTB0SS6lBKNbhHIYeB9u55E5uBv7vy0IaEfT-qIDjdnEyZu6poN5Zszn1aTCebkgGttVI5HPlfsO982D7KXFFpj5AIIVSTjsIxDS3097H-6NWvQ9hVKeM1lylWEtJqBs3szjHEd2NzS4HEsY3O0VvNLq7E8TBkGy47VSD0dKjMbLT5MMw1V6nTxtjdzEyrBJdIjJn1OuvZyM_d2VD7ltSvVE_RlzZUy9r1kv6MBU_7oiKEs-rVw0ZOoCCle4tXCSjiM9AwmxPE6Q5IDpNJDplYksDOmBFyCS8g3tKUgG1aIdxZoEblNcQ7aUtxrazmPQPYKQy-3jzN7v31J9CzcywnHnsQwAIXzgPquGfFh99ZVKzCxqi-qInKePcK2K6iocHchGV6IQM6CTd0t3CIHOrn329dO1bsm7A0MiIcISAxOrjUCOL3cXdxTWoLlT7SKpjWg8dt5ukHpxKr9TPF40ZCyWiJ3bd19DrcsaPO4swsdBKxLUTsfKnBXN0zM4&cid=CAQSKQBygQiDltFnoOZCAD-eMAMyHX3nKA8LIT-vVUJg9cJY8AacUgZt20BBGAE&pr=6:0.571294
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156479&siteId=758930&adId=3607642&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=321&vw=570&placement=5&vtype=0&vpos=1&vplay=2+6&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.grid.id%2Fread%2F352900082%2Fdapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
f0fc52a6a8aa9e62d040a390962506c03551e4ff87665162127ef5a92fa73672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17325
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://health.grid.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9972057466073&version=m202301230201&ct=76&x=1&cor=9861339183145736000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 69F4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv340oYeDjXDug8qtk2DWcCkoAwa0qmlDkPJ9E8lhrdEqWeKfCMJuk9TW_Xxy0S48E4NfTs63rtWYmvKdWtASVOYZOCqq93niE&sig=Cg0ArKJSzJ_X5D27PsAOEAE&id=lidar2&mcvt=1226&p=0,0,600,300&mtos=0,1226,1226,1226,1226&tos=0,1226,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=34&adk=3944675604&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682689538234&rpt=5200&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EB.js
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_163_1_0/ Frame 6EA4 		83 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_163_1_0/EB.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.54 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-54.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03aea036d7101b727344ac9853097ca385fec3cb43dcd3d9763365a69df06e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20230405/1077017438/78422164088298645/index.html?v=_2_163_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
content-encoding
gzip
x-amz-request-id
3PPFE4H5B8Y6E72W
x-amz-cf-pop
EWR52-C1
x-amz-server-side-encryption
AES256
content-length
29400
x-amz-id-2
X9u1UEwLgijH70Q8qEvPOiEMlPlm/I0OZHOZ3Jdjio9fzDBzk2+UzgNaLxviM319V8kN9Sr98S8=
last-modified
Tue, 28 Feb 2023 09:25:01 GMT
server
AmazonS3
etag
"77a82367aed14a0bffaf28a08bf06724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2101639
accept-ranges
bytes
x-amz-cf-id
Sklj6xb5n1XvE-7hjzcxeHObt-e8eVLc3UTLTlhjESHFJP49wK_mAA==
sodar
pagead2.googlesyndication.com/pagead/ Frame 5C3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=3879938248148347&rc=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
track
st.pubmatic.com/ Frame 16AA 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156479&s=758930&a=3607642&wa=243&ts=1682689544&wc=16514&crId=469514287&ucrid=13681952179100369019&impid=ED94DB99-D151-4992-B438-0CE70E69DEBE&advertiser_id=7607&ecpm=0.571294&mkid=25403&pbyId=18157&plmt=5&abzcid=0&gcoid=58&ch=3&er=982&pfi=1&it=1&vadFmt=6&vapi=2&sURL=health.grid.id&vc=2
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
SPug
image4.pubmatic.com/AdServer/ Frame 16AA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?&fp=1&mpc=10&p=156479&gdpr=0&gdpr_consent=&pmc=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fpmc%3D-1%26partnerID%3D156479%26partnerUID%3D...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156479&partnerUID=%28null%29&pmc=-1
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156479&partnerUID=%28null%29&pmc=-1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156479&partnerUID=%28null%29&pmc=-1
date
Fri, 28 Apr 2023 13:45:43 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
129
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=notify&exchange=pubmatic&creative_id=469514287&creative_type=78&usl_id=285585637605&errorcode=900&asseturi=[ASSETURI]&ord=[CACHEBUSTING]&offset=[CONTENTPLAYHEAD]&d=APEucNWsZns-FJEmPXwYKTI8ua6Rdbd1G31SBLRq0nrextA8OvfAwD7sEpq51FCZMmW2kRilSFc_C8Mz1qXPqVNPecNxBSBnYw
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL0wJA85LZNnAEJargQfTjJaYAwAAAAA4AeAEAg&bg=!rK-lr_vNAAb9Sbh13Uk7ADkAdvg8Wjmj5QwkP5Blsy_GF4zElYh9KQY9GZ_dh86CCtG5i6rsBXjj9WFcJevalyuioe-cOQi8Rg4CAAAKSVIAAAAEaAEHmQMmmtMrL6HbHM4ngp-APPwZekMl2xce18CGS2T4kvBvyFlhSN6hvuKWw7k_HaJuGE_k9ka6gAOIdxFNEOyccOY48qGo21_rAUWfyKOxd_AGbmPHucQw6MCDLBXFCTKOLc0P30y75fLypY29UDceca-E6GCzkjHYnPZI-PbYPvzJ0DG2wPz143KWc_yEJ5bcVYHCJO_AdQtc0il6r_5uBr4Ke7XsEW9mLqevOHeH9A5BW0F5Nwh0cSMfH1iD536BIBHyrO63t3DnNcJvv9fWuI1Ou5tc18YI8ab5nKNBMyx0DMEgE7wkJSRKlid9SZi2_On-4-nxgrbaI6v6oIVH0QPMtmJBZ1aMRfhR85TXi2qCbcFg5iesqveJiaQyX_2Gx-a_AbEOK2-ZEUAiu5G5XALnXsa0TCZ0Dhz_GH9YaBlRTCampCZw6m5nCdnFvRSWNJCKTZ0v0nMDRMRXwnz70_sZsYEG8tjlN-5pVwXXymfmllQ50z653wOlM-JEea6PE_-jI5h7V_cxd4osFXfoEL3JYPhkUG4nJwvR_WmThsdhdf8QjAlFhg6OcucQPtIhLsKzqmEBxUhV6CqLwQzo5pZ215TvaVHP9xv9habJAnU0UjLB2jfiq543OnSjZQkZqDIk-lfzq8_6Og8JXMbnZyhFaTAAe_Qt74-p0Ty1t8C8ZgjJLdHVnCV5e304_tpOXsG5zw1MHUMSgYKfi9Sx2xRtPkTJQjm4I5tRLaiLL8teAv1Nxwmb1ujr_HZJdBxco1sl-ioLWOW7WKG7VQyYBxrTAJ2WWyHrnwXM5JO7PFoh0MtL9RzoVTHl9rVhlGbR1BE3z210rP6xsUVfw2bpPTdyhA6mBtTVbbq1qBXgHIq7pbTsesJRm3iusc745vpapvfU7wfMbQbGI_ojK00w09JdAZCkbaRb0PPkc_qLQirgYJiBFurvQfWnJ9cCw211DqYW7cmtznzqWtiazKqqYVLzbqTRIMbTDGvq1-mO5nwusSOLv9RC2ShQA2_z1Dd2Q2fYoMhqEEOGGIzN5cGajeraYrtM5_y3bbv8BmFdGyltR3lj2QaO8rc
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 001C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
22660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 07:28:05 GMT
prod_studio_01_241_videomodule.js
s0.2mdn.net/879366/ Frame E16A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_241_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_241.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1cdfc1bf7bbfde300a3895c48d89681e4ae43f7b39812314a58667ad51a71fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13211610045818601472/index.html?e=69&leftOffset=0&topOffset=0&c=6ZKIfTwxBu&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4803
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:33:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 02:34:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 69F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSFk6UbuHCVkndpJYefZt2EUS9GhgDjXOfyG4re4PgOFF7XMV3W9zlBZx-qiABax6dBIQQbNtdDWtYx1Snkh9ynmFyzZJ7pECsx-8moimFo7U15YhRSEC8BAQgLfYp6fDSg9IHu67mJHOYnlwdndntW2zQXjwsdHBM&sai=AMfl-YQLnBei1hE7S64_t-kJiibsvsjiuA9h0pLsqaESup6Kd8bmm3ABJtyQs8G1XM81r3IDIq_C3cXvDOVTpVGNHSiMrh9B54P9CbJMtA&sig=Cg0ArKJSzF4nY9OpUXfQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3324&vt=11&dtpt=2929&dett=3&cstd=388&cisv=r20230426.92613&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 28 Apr 2023 13:45:45 GMT
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tnCT,pingTime:-10,time:3298,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682689545167%7C%7C60a61bd129123e79bbe58a791f1d1465%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C1dace52aa67ca77953997867cf7e1b77%7C%7C02b27c57743c7b98362d01e6ce5567c8%7C%7Ccd577d0b5dd6735fee69e0f4f055d55a%7C%7C65092cef8db0a8e2eafed711a2ecb03c%7C%7C7badfb715baeba76816dd7a2ebaeb0a7%7C%7C1663701684%7D
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 823D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTpCZA85LZLbiB_mU7_UP5amagAgAAAAAOAHgBAI&bg=!8vGl8aXNAAb9Sbh13Uk7ADkAdvg8WqXo5VrOLlhBzePMQfNkUJc5Jxu6tmGGsxJHM18ec1pABTBC6pIfyRxEvNnJoq_TXCoyygYCAAALEVIAAAAFaAEHCgAvEga2dZexNg-2xLPo03wVK_EC2kWOwesVTm1NaUUUtL2IACKY2lGIdPWmvM4Bv_KZAyZmHgzGduIypVwuxzhcaESztQlaYxOWcmJhqRcbXP4Q4HLlAR8U3_M3rdA-s22RnDdTDHoL9TCsigr6B8FSkwGH7y-HPoemvyuJ7IYoCKcRT5bGcTNG0U6ltqK_1MQrO2ZapqmpFpr0JjSlNqJGOFScTuot1AFoJC2GpYLpMkODE5a-VD7x_gZUOtAxwawhanwHAUOD4rTBtZvvnJJ35HW6Bv0UWhpgXLPrHirgpx7HwRTTS6pecL0-jBDARUDJQWzL6-HFaNhFFSCm5EFoNpN82uwFMJRFPwhRHZE6hJi-hhrHprvUI6E0WWhtkdKh348Oyhv5-kDAO4rhEZx3_y0-hkGQR838eWxpCLM-j6Zf1Z3E1Ja8dq39XUWLmBauYsW9WPpCUEEMHQoQbSp8kE1TFwW_zfYXk-sRtfAViPaNvkRj7DaexRZek6t4jfj4ucTXLcOhYVWrDaSTFnQ00JBm7JhugjycMjxlBwgi6dWOsO3Dg13jeqfV7xS5YUKqbYZsxsBKu9u62i-1qklFAAjbvgioGWYQxPWpNi2S07fCmAm3Izj9DHZytfeZUr1DQEX5cC6R4VKUN8SC8j9wQZevG_s-YnGHyEL7jGdUd6Vk_cLIGLIWT-DV19cxonVbeonqJb-3FfMO3TwhKOzxgfQ9BBcKmggjeZFUSbuoq-hgs0yoVbNVVcUd20jd9ToqGF1l4_fLRQA4micwr_-s58oHkWAMEaroeD1CUWniN7qOV5jYEPl-wWD7t8GpfMh9TmQjbiQ946txnBDu0dYdp6YjN49e77ClnRa-gPPzeepvFjWNWtkt__gpQbqViA0aWX2FejjQ7P-YDTrHitVD65a2EqyXfnIw-J7Kr3zWY8HDkQMOTEj3bnCX-O5GMGLiUrWmDJmaMP05wKVcQLPj_WtsxQO-D3p6uwHOQy3SxapSIe9DFoU0UNR6tH-ORyvvkd_YV88RQmK4Ic14AoPhb-9pVx9e4EsSqHZU_qawi76Zz9MxbtG2uWZSk7kYZywDm-Oocci-i60FCyvk8C5HPvEO4xkWQAHXHHbWVeDmWGYIJZY1-oyOtg
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6EE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-SDUA85LZLiEEpC39u8PruCFgAQAAAAAOAHgBAI&bg=!HR6lHkrNAAb9Sbh13Uk7ADkAdvg8WuJlEeKaSTYsXD2bbTZR80gM3Uk66rFaqDD_wo_0hFTQ1-GLYhS6OYBRl4F9aleg6DhVYRQCAAAImVIAAAAFaAEHmQMfhimUuRhZPFDxk7_8xKzP0NorXIdJwgAmOZTXobR-Eb6eZORvQ-ZQmvCPenj3v6PsgAd5tiZjHBs4SAT4jtyjx3aBpmlY_HJQjHdwQ_lPIQkHoq6PVqO7Fr8saz3jhaDT1OxWOdsf__jtr53nAbJRSeAcYeMLCwlZkeamhhmI2iRUI4wC2oRw996m3NrvzI-hrMaTYTA7y9YGdiURcFbgbomWhGJIvkwZEl98tP5vMwm7h1vy3wokeeJlFa1tbtcThhpUxhPUAu81B4Tuexid5VB8bEwjr0F4ZIWOnrijnbHbGCvzIVu0kq40wz3tBI8bAtSO-VHvO54yJMIlvR3vfYcpDn5pbJJHbg4tWaZglq1iL5TpgKwgStGlHwG_nue08gAbPsx-ui33aM9EfAUEpZ_YWjSqrYKyy6vw-_SkbRZv0XUwas80qb4lfP1eiO84SnZj51EqHIk1EAS0BbW0F6G4-eyiOwydlGUDtWRiG0zeK8blGzK2njDBbDM6XYoXMG8-iewHNQZcsnyOOEYBwcibdbgB9reS0gn0-jfw_XQeuxe8QgSNXpFQSBpfz2DyadGqaDOz8T06FE2ap7vTmy3XrSN-UBDesYEVdJw8Ij003pqGYpTtwsQ7IjXCFcyX6B5Zm9j3AI1WUXzpOnOOlYf4mZ-UaB3O2SvtudibMvBH2p5MnustlOd4PQ0vhtb7sJj7ARGQRKHwzHX2J5I1mcUrE8CHx_KAakJKjaOrWJyB5I3JIqWFtdYGRIjChk6HDqJo23vFZzSmay_RxeT9hfORZQPtYY9HHcqqNXy16NUETzcQBYu1-LugpYd7I4XPLOqr91jlWNdTF5nJK2-z-jVXFa24nusd73liFllYZOxTM3pnCG7SnQy7TszPzliujITgcC6A-_5hHDZd1EFLt7RQo1WumGTK4EQgc2N--9EeeL-yIGxg9XplVVn8gfZUBF2tpClA5caCOrCvS7CJ7-pv1KM1DOE6S3mg8CljemIivhKUdfca1wfqlwh166E6Thb8l98-MOzKNaUgAsU1ElD3zF7JgaXk8STiUjsqCQ
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
evt
lm.serving-sys.com/lm/ Frame 6EA4 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.242.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-95.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure-ds.serving-sys.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://secure-ds.serving-sys.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B67 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcIheA85LZOuACO269u8Pgsu9sAgAAAAAOAHgBAI&bg=!OjmlOW3NAAb9Sbh13Uk7ADkAdvg8WlMVaOv7xsjElIQYLIcIvGTbiq-yvkd0FWXNjooiPtN84VQ4XzESEjqwNdPE43wArIxdG30CAAAJ9VIAAAAFaAEHmQM2kEGCXXXun3F4X65db0C5tK2WckG3YEyxEKqUcwIk8lRYHbTX8rrb9zOitpFPAItQZgcv_VSzPhdeJUPkv2eiZ-ATDW2uvuqx1Y0U4DuMV5k2qxj7shgVcSPprjSfTly7HjPRNtGFr6U9Rd-Vw56RhabXYrGGwT98Hursr2KQDixdRHYTEoIbLHwKZRg523RVEg4rp5FGzPWFLV1eK-OAgQ60rfig39l4DDeaHzO1dbpr9_Rorw5IpmCTLqX7OmpIqxj8P9MLP4HxrcP-VZv_1gccCakGs3F-kjlV9OgXPfonjvJkb40uUy4VfU4qCu7ePTEWoxqVJMU02xFTckMOO9y4beg5JKcfT4XBTrHOTB-fcCz1NCQZAzIPv9HnWN9-blhiYgc61d7RmndIPCXtpWLZ6dWcEzOS7V_y6St2B59JzD7nv4oxQSQqgS7Y26Oqj_Qp1q23uedqfZXE9AO-wZnXZ2zIOczbze4wCOBkZ-bJ6VQEvZTyUA4gULz7Vjlbwx2Ic2HvD2i6QVdwZ81Cq7IzhNjwJS22jqKPz4W_btAYS7Dh9EoFqEAnaOs7d1bPMznwQNhr8Nk09dqxf7vyya9CCuDAwsjoxAXFO8-VfxCeL-YS9lmLjCrIi41IpotHaJ8TsKkD65ykX9DwE60rIPISH-KHLN7-zJKbLQWyDic6GnDJcpqeQ2V0_cbaolloW-fsgErHCOzQauppJkW_WlbkzN2M_ZWdGzmA6g1tLi7lFyLOFn58f63YXSISmEIUP3KT1lzsG6rz3il-Fqh6cwW0XhRh2hii6GT1eoWrArxDXSdHgemOasQ8-NM7aweRSkAH9fn33Czkyt42Squmtflc-ihXlSuxOjrkrND_AQFRX3nIuKNN77tNm9xU0cqVhbs8UyWx0i7x3iE2aKMM3Z022oI7Ql5eeIRy6IVY5sUipwGOmBUB212ZqFtQ9_AXEA_vH_Zd2u8Yx2-B1oKBMBTmuYPRbOwgNPEk3k7XttQIqjzkvuHyPkjP-krNASL-0JbL3SLpMFPBQuRyuGxaI5gvbHtsKeT82jIvURIf84m3_d0Fl4XpFc4WbTbi_t-FxKAKoqSf
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09C7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkoyDA85LZOriDZrA9u8Pm8mTuAgAAAAAOAHgBAI&bg=!lZallsLNAAb9Sbh13Uk7ADkAdvg8Wmq3DNOyyXCrKkNbd0cuedPi_xWblEDdLYANtPFzMktAOubPixrUwLhK-Y_r4zaMVn7IiXkCAAAKdVIAAAAFaAEHmQMnoqokbWMes7trS_58z03a2mHvLKpLVBTNKXu9u9nHaCIpDzfiMI7Nn7aii2Mk2qX0eTenvezTqcOyHlF3CxeHT0bfP0faS6GW04Sa1WjWf0nYhto7bmhslmusdLt5CCILWi_dlfeMcN6wnIbuzrQh5GlQ_9ucVVLcfJ4GyhoyJdlSm06hNTjdK4tvm4-FuY8Loyo9kuoLlBW4f7WPmtsKxOCboGyNtxTOO9_yp4ueGzStYOyzRXWEcficM6ww59VuUqyibN5lB92Z1YgnJADRIjKrbdsW-NFGIho1x_arq2TQxaY6hWvLUuLmyN_k06tx-Ibb87-NsSS5QIzEwmu9R7ZWdeIjllUotFm2muHUTfCf3BM5pBnKoPCRtK0kb25yR1K4BluYv9LNuehT7-Gc7z5TYLgEXQqB_AH0GM9BcC-4oscjIgaF3hvKn4s7HpFeql3plVBCj3_AsAmcpqvYDgsraYFZRLeNuTYxFbT_mt7929OLC-vowwMvRnySdEJXwbxoWD57rQ8_eDItTo1LIVsCr72bLs3RboEsJRQ32aSwfV9nrwkPwQKISnexKJhT7O0QUeNYDl5ASwcq7w5yXtKeyc_L7gtRuJ_V2sS3He3zekwHW3ifpWA1XiiPEkTI5Ti-bBpqJ0bQNOTAc-sRjlJgKJ1G572AQZfFzqDOh6422ZWoWifXzpMBMSoEqOqMlx4f5s8nTrMYgbqNpSoh15Wnbd_4Oy4r62W1j6XKa6w02MpBRFtrX7DZpJdPnvYZzyDIQjmi5o7h3xvt5hTl30dFkfbKxgc18oovmF0E90L0chrAd7QA8hlNmXMMTmjeN75pldHTJ_m4--ZliZRpSDTPKZn5YwHI4NwZN0CmFsOxnEIlFa_gonckTCwA97bBbed6E3EQz3F7GSfd4ukHOBsA7vMFmdCoeBSUD5nLKq24Xa9ZUq003Yz4T-0CeMKVp0__oZ1Jhr4XOJlcyR19HjVIzkuGFQSOSvNudlw9OcO5eGvUNeO0uHjQDxswXtg8iIX-QpHT3SGYZ9XO9KPR9h2AN-Fz9Mt7iHKq7f3f_nLNgKxps1w1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaOKg9vM_gIVw6D9Bx2fcgJQEAAYACDWy6Na;met=1;&timestamp=1682689545755;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 69F4 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaOKg9vM_gIVw6D9Bx2fcgJQEAAYACDWy6Na;met=1;&timestamp=1682689545755;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
st.pubmatic.com/ Frame 2CFE 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156479&s=758930&a=3607642&ts=1682689540&wa=0&e=96&ier=901&vadsId=-1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 28 Apr 2023 13:45:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C359 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYsYgA85LZPfsENSm9u8PyueyuAYAAAAAOAHgBAI&bg=!rq2lrfnNAAb9Sbh13Uk7ADkAdvg8Wjh2lCsoFTqyI3Ah4UmZwxPl-IZZQaiyOcA4kZPaHy0FpOjt_Avxsl_7-7vgfb0CURqLv8gCAAAKRlIAAAAGaAEHmQMlqUE3JBaNEvgSjtilnh_WKioZx6lLZrj9D4aBppH9vzva7MVp9-LglFnVr6MHnlKoYJIpfjIZ88UCMshKetKVOhV0_xQXu4epHffxJ3rthzEkYS65H0rjlu_7OxkInV9-pTLHxjtAewBE9b0DamOfRCbEcaMzLB1UJ03GLXRweTIu8vr7aRiduUxZuRUusZibR6L5QE6NlhFEGIn8iqQxpaVm8fU_EXlou216StWzKsk6smTLbFvOprpxigLNxr1Tu6aECl6YzkRT6oyu0d804c-oLA_mmzc0F6kS2UqwMX9jZKpvCOHLUl_PZD83rPm_l6JnsZ8YhhSec6DHUlMvsHQqkJ2KO_NvP3BLpktFelhJDfIEcOLZmZbNZ15dEjdb7TK9hawu0fG0p4LYJ9yoUqLlo2UlmrBP335qRqUeIxgaKrXe6wEGwzHdr_EgW0aUdRRFnGcf_j_KOBWaPLioFG5Z4ezItCnoueZ4iTjwnqWx_8dRjYyL4VTPEuQMLXgXACRoEZl6toCmtjbBFqZx2um3wdbZhQkxPFiL8NbtCuD9oEmSV6ZT9NB3W8IvgLOKzqHRo0_x4P6BjvJ0UsZ41AVoerqYZ-ObgmBbVYA599hKacgB765oZJG3n709-x5YZW8LFWOFIdZgabbegC2iSI6C3FUHPACUTLRYtZ6fmwOIJ7qjBeD5E6sc6MUSovsGZqLkYfzPRJGLamkAN16xhe0AsUdJpwRtzDpURtQaotV0YXHui79FClOIq4EBh8f1yRQwWHpwuFcYLo9fxtCt16P2Y5qWCWqm834-Wq4hv70v9Ct7AXYE7NpKyPitrD2uf4HNdWiwblEQSR4-LoMOqrnch4PmzUYYLZ_tXnPQlG0GdUld0Na84LbHOUk-WwnXqyPEm_SHPNV71rJD_1osqdyaimzJT3oq-HvH-8Rxvv6HUdQZOVMpRKiqKIyYLPbE1zhkUhBlQQGEyvqwFaLYKFyv4fbr4f01ap2k-OmNB0x3bA-wZiQdQGE8gExqPYIMLu5SfmibottYj-DSiKp__zpQl2HsSAE-HP7OC3jSh-932s-CJQ
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D23 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtO9tA85LZOziD5Wz9u8PzteesAEAAAAAOAHgBAI&bg=!qqmlqf3NAAb9Sbh13Uk7ADkAdvg8WpvyvXgPDOtPzvqr8aciViT_-j-iXC8HScruBTUH12ur1xF_N6t--s-_np65pBJ6k0MUYyUCAAAKK1IAAAAFaAEHmQMkgpm860qvXvfv5N4Tyw5q6BetUhxQuSL9c41Dyf6iaFDe5xdAJmwuWd3oCr7d7ouZhabnnzx-PSxLY17zsZnFkFITFgFqy8yG_MCwul-R61NEul3CY5yp8J8AwB1ncLG68-pKF8lO3Z50a5mlXiGsZN3I_3DXVIX1xb7_wlu0JS1meBURkvi9h9Lx53BYlXAKi3glLn16D1GYlv4wLKVBc9nq00YBg8wRbmJpS8SKIjM9HX981tB-udi2uzPtG8NTwhkSHOTTmz3pAHgfl6kYAWOa01nQdW2XgC-Tw50QmrL5uCnwc3qpo0i4UMNiM5Sp53KRLpMJEBJXUDMhpa1LszepQu4E0oLGOnDi6S4lrefCTDmTSec6lZ2uoEdfj8uGGW46G0lReibjiplOomAUP3hvNf-ua-vMpAjj3TRqTLtCp45XeMRi_UGrmNzENRhC2SaqMOPjhp29kVERlhtdwFcxj9TEj7ZuDnXrNCkIi1MsvvYPoIHk_w9O7PkEGYIT6C71kGqrqi-cQ9P3xpk14SwPgV28f-et7-04eWoeimQX51B1P6tn882IHIcMzm36X0ScXGU-IgeTJ9IoVuHfXUDkAKH3Ij9KW7GXWc8x3-2jeqja6arCvFXqTxapSEZRmmOLBEJDqe8G6CFelabXBb6DjrQORIvxZWo3FJ5duRdVBEb5os23PupzdK8hygD9EnC8gSh25IxMTGfOnE-pLmHzL-5rGfWgtKZk8Z4r9N2cPqbrknt1WZmKr_g7EAigzNA3ndvCV_zTyDdRCr0Tw2HAZacL7L8dq2rlALH11Xnv4CQu66bA4W0mjsVbUHcvqV2kmYDrQ7Ef0Ut7qH2zYF9f6BgitNuIsrzCoJfBf-HyScOMYTRSxu-7391n0xy5m_3phYi59r0HOvvvqBJbaWIdKM-8F-g-sXUfSJJb0AxOfPHmpprpm9-8egoaOgG0DnJkVka0DHrL2tWdFAV0JDREvOVw7BRwVMRLeJCNktmZBzmEX9hTxPkkuBgDI0WnjFYqjYHvC2YL6VU1JTkDKVODXCn0YF6hxQygC2VnunLm9eFQ
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFC8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV8t-A85LZJueGcrYx_AP5LWiqAEAAAAAOAHgBAI&bg=!sbKlsubNAAb9Sbh13Uk7ADkAdvg8WlyyxUcuXFwH_IMgDGKIGuD40oVQdGAEBlhWPmwmsDMGEDjrPuFko6zcNYMxKleyKGY50R8CAAAJy1IAAAAFaAEHmQM39l5Kx8rg2Z9jH3ddQeszlOn4T6_d5012cSvs76BPLPoFA1Zkz_YNYL_oPYOl5xg4ZoKFS_EOioZp7-9dpql_2lVJGV8KeQWc3ifxE-GY2qQmnqE75GpGnv49bsB7axR-6WrOMQnlCNWCLKSbq0yw2bR9e_upWiLLdoMYkjcStIggNlHhFEULmAGx8USiQ7Up3dhJDHtA3SJ4OahmN-Pxy2UqBQ6EMMgk9yUdkvPv12xStIEcIyvvXXmdb7rvL41rPC2b72yuU5eCKNzU2QzfYznVwHQmnPRU5_iRg8VF7NhZH7Hc70gF3hpQV9hWsvubHl_0gFZDvKguaFC0YUdMs5Hdy-CfqXnwqPN-MyNThllwNZ-zBJkzYtzvjkb8rH8sEJy0X1XIeDbpMA9_yQsW-gZTRtZ1S12pwT78X51Slq-2LY6L_rI1xF8G42bdSlTeJASZNX5xonso3ZWKCriXDlRrTQuL_xcqFC9FuZbYXfMo3Ierhw-d6H1YJow0QVchffm3w1Vp2_pv6yqUQ6gKb5Stad6tMMlkhzmYhwVmBghOnuDdQI29wqr9CmIvKftxxEr_EMYbDqRUPr_HsteKqFyYlWYBZfnpR_iranYblrWt-NSwbouY4Ru7-FN8norN_BwqBPUgGD_QXiUmuST2Q_Kfj7EHaw9Xpi3wWG3ecOo6MFzRUfz1I3djUhiQL3VHk-bNg652cnQBmD2fbILTgmjS80EuyBEsavQasM4I3IObbbP_17CMNd94crsR7XpG_PUziUoCzH5Lx3PMQCDDgZMLeo4nWBbTo1FTauHR9Zg8-t4KPUqDFNdKV5E0Ed6tbezZcdNuJTG1XA0jLfewqDhHw1gy2fl5rbFY6LnvgLyGIdnLErG--MsSlZMt6y2E1Zp50LhQFg9mnm7wFyTBHok4ZPIHDooxAGhvYVtMn2_bX6cn3RP9jFBwJzD9eZqdynMQ0ZaLyof9yV0dxje0n7oQKp_6FGFVXz08V3F3e-rocU6hw0ITwgpH-VVxDbuipeZHyKRHzA_HFvbiLl6MZp9av4bLDefh8mfQ81jMTHnIu895JDlirGZXy1Q-XG-gd4r1KfifJA
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4CF4 		0
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158361&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B751 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSB_WA85LZI3IDtHix_AP7NGtKAAAAAA4AeAEAg&bg=!FhWlFUHNAAb9Sbh13Uk7ADkAdvg8Wn7kkj5fkolH51olPyib1p7hfXgGN5oKfpaWq4tPFB7FrPwsBpufeWN2Ow6bQNpJiydaN9cCAAALaFIAAAAEaAEHmQMUeR1neFGELq7RBQFtkbOD0STsHY1xy5Krd2Zktx0-Efjcd_V0ttVqLK9sB6tapOwpuy4q0tkkmvDm3Rf4NkLbeAZk-fPKO0J6gFSTUm-YyMwtkLbS5VIYN9p57XF3rPTFlIOVTEDq7PurbWPFNMnkveRKVM3uVhDOBBu7fGCzmYizaaX0rIcL0q5Pek5ItdqZ9oOeh2FcUHBTPL75a4GTblrz8QTm4qMqwDSE9bAs3jneZ4mL5jnBlXaDLYcwn8rVo6AR-K_u3IRQnCluHBfQhMLTvhvKBraLJhz83_IFfG3jx_bLAIjcJEMCyOKj31mXrTQsnoVUlfS0JUlMrOka_NQdcCA-PE1Qt8MykfB3XaFN6o0YOEeXTRpO8jVgouIOieK7NmdqB4PyrLFqFY7HwRSPgdPLcNh-UjV-zIKVFI5B0JQnroHLm-CFKNEWnAwleA081XfHilUKKXUGxeZd1aASJsHFJWXCTrnAKENCkE7-w7jeX7vH5F7Iy7tbpsYgCrUQ5HAr47yYrI4CV47RSNEsYax7uQ7mW3HiU3mWsPgXYH5I7f3_A68DlYfWa13x8Lel37QXOgKVvuIfxF5jQGntHPPbOiG45Id-bgDoAHOl_yjburAQGYsziRQAy7p-3K0933zGom2lPDcf2f7Of4X65NIgltvQ2wGDDBudH7IA65LWzrTu_dsbxR6SSbnsVqXp4Y-x2QkXXhM_Legmg0o3GjbrJO4FyEBiIBhtA8Wjv71Pj9997ADUEtMG2xw95dYwjfOllhcBa5xZ4lmawppliEzoQ0-Z1xqe-_hpu6fCM5tRB27RPBtROSo32lD_qoEvLsKulJJ1JayuMQYX1edcAa-fMwKQtSdR3Fgm3iCCjrvKIY1BX7Gq285oqxODR9zJgWHc82XZKxnvQkyUid9FzqB1exCdvHPSI2MG4CZUVvQRqumUwPiF_Vi_YWeHKWqAVpH3imzNboRgTyEti5sjH3PfZON5VU0ahDs-omBm-azHaN52C1QaxPewJIMrm6rIP6fwBUfj4JqIaUaTvAQKhRc
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
stats.mainroll.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689545889&pp=pubmatic&ev=xpf&id=vcbl_grid_outstream_mobile_always_float&et=LineItem&cid=0&pid=vcbl_grid_always_float&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A5%2C%22pmErrorCode%22%3A982%2C%22iabErrorCode%22%3A900%2C%22errorMessage%22%3A%22Undefined%20Error%22%2C%22actualErrorMessage%22%3A%22Cannot%20re~~00~~%20properties%20of%20undefined%20(re~~00~~ing%20%27trim%27)%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&hn=health.grid.id&sn=23
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:45 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
nxAx3jVgoIFvI6V7NnSV1D1sXuzPkXAMxSmiqB9MvjPDYJQKDYVDpw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689545891&pp=pubmatic&ev=xit&id=bRjApFq8Z7iH&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_mobile_always_float&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=0&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=undefined&hn=health.grid.id&sn=24
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:45 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
rrXc-PMQzkj3kLPi7kpWH0UXLfHsnufpOy9G5K-oVu_QR37SpnsL9Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689545892&pp=pubmatic&ev=xpf&id=bRjApFq8Z7iH&et=Creative&cid=0&pid=VHJN231y83pD&pet=View&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156479%26siteId%3D758930%26~~00~~Id%3D3607642%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D1%26vmaxl%3D60%26vh%3D321%26vw%3D570%26placement%3D5%26vtype%3D0%26vpos%3D1%26vplay%3D2%2B6%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3DSUPPLYCHAIN_GOES_HERE%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.grid.id%252Fre~~00~~%252F352900082%252Fdapat%2dtelepon%2duntuk%2dcek%2dstatus%2dvaksinasi%2dcovid%2d19%2dkemenkes%2dminta%2dmasyarakat%2dwasp~~00~~a%2dpenipuan%2dmohon%2ddiabaikan&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A5%2C%22pmErrorCode%22%3A982%2C%22iabErrorCode%22%3A900%2C%22errorMessage%22%3A%22Undefined%20Error%22%2C%22actualErrorMessage%22%3A%22Cannot%20re~~00~~%20properties%20of%20undefined%20(re~~00~~ing%20%27trim%27)%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&auc=vcbl_grid_always_float&lic=vcbl_grid_outstream_mobile_always_float&vastid=%5Bunknown%5D&hn=health.grid.id&sn=25
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:45 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
drSISzEOvk-HJ3LcdwEe7tG3hCjcAhzkyzFW9hSMXz94_Jg7Tqa-YA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jTR5KmA4Hx7w&ts=1682689545902&pp=pubmatic&ev=xfn&id=VHJN231y83pD&et=View&cid=0&pid=AIt6fpTBiz53&pet=Session&fs=0&sn=26
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-104.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://health.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:45 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
sL-qD7J6RcSqMLFuOQsRLVXlgJTwc5KzTKDSaFlR37Fb7fwlRNSeMw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4FC 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGGNVBc5LZI2NG8PB9u8Pn-WJgAUAAAAAOAHgBAI&bg=!7O-l77vNAAb9Sbh13Uk7ADkAdvg8WkMU266R9nOduGbNKpFN-cwkhsdx6iiGbwaLj5nPNB1IssI5b8-bffKJKe3FAsbt9AinDnwCAAAG01IAAAAEaAEHCgBW-8BCuiHX_voadxzxKBfvmr-O8pStmMGWmaRLZxWSGian63zYI9kyAtac3dWm5V4dtQGCE2mNacGa9RUhqBuLhBWi48o6kWud7KKxTneeY-KWjT1_XlaZAyDPwuCvQiVjPTn_VTLZp0fPEfMY7aU4OZvvdhDUHrNjn4-LQwiscmowTg1sSrHHiNuV26oUSPGTzPJG1hq3szPWsakIsSyaDfgA6r3mMlW03sOKQutflECyxnxxREj_77n8VhPDexamXaROOh3FINhgyesOMRA0NScesabAtkgAjDswZDHLZJoPh6lW5Q7DjpNG-48IncSr-sd9y2bxzVo4jh_L3dY3udVL4OsVBbXQwrLc4jLPwl6sGLZ_HvCjjUG5new4HZ2ZcFomv56uzxbjGZvenELdA81LruGkBXxLosofbjlsz2zrJynTl5iU4w9r_e1Uuh-893sHe3lKgPGXbhvyu0t26oNnqF6tV33KRyDCqhzyJ5TiFdU1ge0yVrmRxw4ZpyBKt2A94y-tbvTu5xegs8LleSyR0JHmmCsssxjCbKC-nXnSA7YQhq_gQlRzncowivB40jPHCx5YfK9EosS9TnuhxaSNbCtUbJHKtoc0ODdYNcW9cWOfvTPNz-68xcM1_nNHC8OtvpeAXGnG88lLPvpeMRE9e4jODdbBgpjyYvNnxBC3FEhRMxiQadCRQJv2uO1q6dG6NtkKk8C6pcRkHbORj5gJjOdU2ZCzuQtP-uiBFeFnYhMoawp09zOgNrXjzk3YJDQzBdVEK_D5eGID6TVRVYJ1eo4t93M7WqVWRBQ4sKVkHFt0qZizK_qAKK_V_6CahXSpjf5yiKbzrWi17e85PatLBad_8b69_PtWNMcJlG9G7zTYzI-kZIY0dgz6SKJKG5kFr7l47WYty4dbvvLUqMsRxsZAYOX7H4ZuRB1Vv2PgkgoDQc5WRXd6rkmAzGmCWWBz-a7bJnusRFqVtIenbgJrk2fVInUDkocC2Yi8t8l9lSgss8e0zH1NMW1XdipX2WGP7UrQGRNKx_zEujpdyIGr1zfLgc2hXmp1G_kqOFqqivH0wg3XjVSzqjtw2nS2aI1JNyWSLHC4qGxb_VfT2BK4t0kGvzz6Zy9l_mrYMmWSzfy1bBaMkwXP9SCy-LKUhd3SDaBXXUiq4BHsOzNMoyvIlHbz1PszJw
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 001C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?E1r_Ng
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F4 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1374675650075&version=m202301230201&ct=77&x=1&cor=4042712434472144400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
int
lm.serving-sys.com/lm/ Frame CC52 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.242.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-95.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
/
c.mgid.com/pv/ Frame 7AA7 		0
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1682689546330310415165&uniqId=1306d&lct=1682553600&niet=4g&nisd=false&jsv=es6&iframe=2&ref=https%3A%2F%2Fhealth.grid.id%2F&cxurl=https%3A%2F%2Fhealth.grid.id%2F&pr=health.grid.id&lu=https%3A%2F%2Fads.grid.id%2FOSM%2Fosm-desktop-grid.html&sessionId=644bce0a-080a5&pageView=1&pvid=187c81cd85b991b894a&site=543415&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7befbf609de32ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
fee22f5d-91d4-42b3-867c-8975cd098158
https://ads.grid.id/ Frame 7AA7 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ads.grid.id/fee22f5d-91d4-42b3-867c-8975cd098158
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SAKNE8T99VM7FFV
age
1602
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf60de262ba6-FRA
expires
Sat, 29 Apr 2023 13:45:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7AA7 		836 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YX26RVNEGW9X6AWK
age
4205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf60de272ba6-FRA
expires
Sat, 29 Apr 2023 13:45:46 GMT
1
servicer.mgid.com/1376263/ Frame 7AA7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1376263/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=168268954644393211200&uniqId=1306d&lct=1682553600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=600&sz=288x186&szp=1,2,3&szl=1;2;3&cols=1&iframe=2&ref=https%3A%2F%2Fhealth.grid.id%2F&cxurl=https%3A%2F%2Fhealth.grid.id%2F&pr=health.grid.id&lu=https%3A%2F%2Fads.grid.id%2FOSM%2Fosm-desktop-grid.html&sessionId=644bce0a-080a5&pageView=1&pvid=187c81cd85b991b894a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d80adb8b867c1dd9385a92ea56473a7248d1338d6eee2da7d9194b1d963c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7befbf614ecf2ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 7AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SAKNE8T99VM7FFV
age
1602
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf61ef9e2ba6-FRA
expires
Sat, 29 Apr 2023 13:45:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 7AA7 		836 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YX26RVNEGW9X6AWK
age
4205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7befbf61ef9f2ba6-FRA
expires
Sat, 29 Apr 2023 13:45:46 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83ODMzODUvNzMxN...
s-img.mgid.com/g/15949815/492x277/-/ Frame 7AA7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15949815/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83ODMzODUvNzMxNmQ3YWQ4ZTY2NzdmMzZjMDRjNzFjYjZiNGU1YzQuanBlZw.webp?v=1682689546-XvRRBhpvpirUNCq2gmFhQaEmrvTetSWQtrPI2fQTi98
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ced9426954ca2583c3d13df551bc45594d05b566993cecf06e5b027ab0147f

Request headers

Referer
https://ads.grid.id/
Origin
https://ads.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
cf-cache-status
HIT
last-modified
Sun, 23 Apr 2023 16:23:58 GMT
x-mg-request-uuid
c57e8803-1e03-45e0-8ca5-4f6faa97766e
server
cloudflare
age
422456
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf61eaf018d6-FRA
content-length
5808
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NTUxOTUvZjNkY...
s-img.mgid.com/g/15993992/492x277/-/ Frame 7AA7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15993992/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC83NTUxOTUvZjNkY2FhNzZmMDM0NzdlMWRhMjIyZjExMmM5ZGE0ZjQucG5n.webp?v=1682689546-ayuNkRuGCv6L2kN2-pv4ECuGhWfjrKjB4VJ_7iW1-rw
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefe0bc1bc1c6d4fe06f07c40d6c4dfec463f1c4874c78bce9efe0ef1aaa8315

Request headers

Referer
https://ads.grid.id/
Origin
https://ads.grid.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Apr 2023 10:33:41 GMT
x-mg-request-uuid
08510551-5fb8-491a-850b-a8879d930111
server
cloudflare
age
196100
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7befbf61eaed18d6-FRA
content-length
14612
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
c05f6a1d9189da04d5ed026e4cc6777e.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/ Frame 7AA7 		251 KB
252 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/c05f6a1d9189da04d5ed026e4cc6777e.mp4?v=1682689546-0kh6ysJoICfgQYa8ooWm9Y6z-hc8Sv2P4IpiEC3NwjY
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed122527f5517e1c47d06361f58df3a975ea2fb0e60c75b22bb64b391fcf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.grid.id/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1327677
Content-Range
bytes 0-257522/257523
server-timing
cld-cloudflare;mitm=c;dur=139;start=2023-04-06T05:39:03.443Z;desc=miss;cloudinary;dur=123;start=2023-04-06T05:39:03.456Z
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
257523
last-modified
Mon, 27 Mar 2023 23:52:28 GMT
server
cloudflare
etag
"b2ab8a78e60174a18154f231c809b2d7"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
7befbf61ea575c0e-FRA
i.js
cm.mgid.com/ Frame 7AA7 		0
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1682689546619766845042
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7befbf62581b2ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 6433 		0
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1682689546644663407703
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7befbf6288432ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 7AA7 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
0CA5C8RY4B34HXKP
age
3401
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7befbf628d182c56-FRA
x-amz-id-2
kzLxsGA8+QiQKwPQg9cQQ/bnHc95S+Ty3CuN3xd3/Bl76V8vHx8I0oqBxqdRbR8/KmPEPxdi+9U=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 7AA7 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acc0b7ae81f59b02a5a37203af5e5aa98664de269454ec084f927ab693950021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 13:45:46 GMT
content-encoding
gzip
last-modified
Wed, 26 Apr 2023 15:11:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=160814
accept-ranges
bytes
content-length
63910
expires
Sun, 30 Apr 2023 10:26:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 7AA7 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ads.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ads.grid.id
date
Fri, 28 Apr 2023 13:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
03032023-031528912-1940_500_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 2292 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528912-1940_500_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d7977e2cd1894f6a5c47f3684f6560e695fcf2b5d43ee4a729450bc0bdea5b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=wWzF7Yls2R&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 22:24:28 GMT
x-content-type-options
nosniff
age
55278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138759
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 22:24:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=3879938248148347&bg=!Dg2lDVnNAAYfNdXmPzU7ADkAdvg8WoLD1qikG8u6VfhbelnROT6OLvCwCceYaud6RHL6rj-mG6ghRotrDU5X0XxwZ05dWPjEE4wCAAACR1IAAAADaAEHmQL6Wk3MHypUV1hAk8V6SVVqvD_iIces9ZChCOzRt0B3ZTlZQk_jmEChiviLYCmgZMQkFyA04Jej5L8Q6TsptXtzKdwz6ONoZQU9p3PggVTP5nFu685gFAJspCOXU8lJFXEyUhZFP2XTXFeVBGorxw3H_dn_QXEN42X_x6sFhEt77DukavSOkUM9g-NUhYlmts1IsmT96IjfZXRMCWbN1bRrT5Y5gYWNPewO-gIofkK_P057OedYax3Q7nlOxR0B86A400S7nEZ84DEi93UlbIXK9phtTxe4u5ors2S-FN1rKbQSDTvK4LF4zV5Liy0ceLE5DxrYlLYg2WUutPWBxJip5Ho0NrHuTPfvCxZVVVXuvtKd9BGP8NukHe33-3-bQPp1f6X2XqY49TDVajWwrNtwoTPDvwBwBSRVu6A4C16g1E7OXFpmNhcxHuQ5LXoteOlHxdzKqQbR9kle1KYvtDKxzu4a9O-CJocWkIGmb3BestCAe9RZuEmj5hzifJUtGYNwtMh4a652y0oXwKR2B_U4ZZYvScw0o4C5OaLdgFttD_dS54rszLLVhIzxxwnNX6YgegNevWmsBff8126Fw7FKXmg82ZDixCNYhXbbctGwqneM0kSykdte58eDEbgF1OOxOmLbFIsT4pDkrnoKJQuAR5XLxK8mtbFE51CLd7ygk5FVYdk2qqkMD7LksNCz_Hi0GSE_FGfqRFHqcz2Ld6eyWcE7NDEW7jtu913nFM2P9YgW7AjM-KbnN5leidXr9Z292Y5LuFOqXcY_JP-IkBpQ8eejgQJPFCRe-GKmxGtDjYIcSbHpwUmsPb7un4T_XBBVDzzC7469gBM0p9YMTqWpAaVXbJ-HPuZDqcmuq3mc-DXKxHY2BykaEEWOtboScGDEkQnwtsBhw-3GzzLzqux8P2mPftNOePfPGOiEsQH97sdMVqp67xehaPy0PtGjdiRVaeNW9Fn_rhgevr9eriXnAaNGgwwJkxNU97pk_X-dWMYZZzBZ1I9aS2Vp
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
231.json
id5-sync.com/g/v2/ Frame 7AA7 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
9df654f494a61d81e488f3f4dab36a2d453b9557bf32c30db689d0a79cdc9654
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ads.grid.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ads.grid.id
date
Fri, 28 Apr 2023 13:45:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
dc_oe=ChMIq479gdvM_gIVbZ39Bx2CZQ-GEAAYACCrvfdKQhMIm8GVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689546802;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 8FBF 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq479gdvM_gIVbZ39Bx2CZQ-GEAAYACCrvfdKQhMIm8GVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689546802;str=Show%20Slide%200;strtype=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame BB1D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a479a1eb88efd21efcc7384ecb8c93d466da0c6021c87e3169e25164e3bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=6SfEV6FLWW&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:29:05 GMT
x-content-type-options
nosniff
age
80201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38534
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 15:29:05 GMT
dc_oe=ChMIrPCEgtvM_gIVlZn9Bx3OqwcWEAAYACDg0-lKQhMIoMGVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689546829;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 3D01 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrPCEgtvM_gIVlZn9Bx3OqwcWEAAYACDg0-lKQhMIoMGVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689546829;str=Show%20Slide%200;strtype=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame F099 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031229142-240_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a479a1eb88efd21efcc7384ecb8c93d466da0c6021c87e3169e25164e3bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=9e07NXKxUA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:29:05 GMT
x-content-type-options
nosniff
age
80202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38534
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 15:29:05 GMT
dc_oe=ChMIzdWDgtvM_gIVUfERCB3saAsFEAAYACDg0-lKQhMIn8GVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689547361;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 6E0D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzdWDgtvM_gIVUfERCB3saAsFEAAYACDg0-lKQhMIn8GVgdvM_gIVosi7CB0rhAh5;stragg=1;&timestamp=1682689547361;str=Show%20Slide%200;strtype=1
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 69F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e46baef7-9c0c-8267-3476-38b3f5a1bf2a&tv=%7Bc:b5tose,pingTime:5,time:6481,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1148%7D,%7Bpiv:96,vs:i,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6481,o:0,n:1477,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1148,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B357~1%5D,as:%5B357~300.600%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:96,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5005~75%5D,as:%5B5005~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:431,fm:tCJjPL7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C1a*.10933%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1c1%7C1c21%7C1c3%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e31%7C1f1%7C1f21%7C1f31%7C1g%7C1h11%7C1h12%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1m1%7C1m2%7C1m31%7C1n1%7C1n2%7C1n3%7C1o%7C1p1%7C1q%7C1r%7C1s,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1705%7D&br=c
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:48 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dc_oe=ChMIqvCCgtvM_gIVGqD9Bx2b5ASHEAAYACCS96ZFQhMIocGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689551999;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A864 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqvCCgtvM_gIVGqD9Bx2b5ASHEAAYACCS96ZFQhMIocGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689551999;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIq479gdvM_gIVbZ39Bx2CZQ-GEAAYACCrvfdKQhMIm8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552005;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8FBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq479gdvM_gIVbZ39Bx2CZQ-GEAAYACCrvfdKQhMIm8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552005;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzdWDgtvM_gIVUfERCB3saAsFEAAYACDg0-lKQhMIn8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552005;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6E0D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzdWDgtvM_gIVUfERCB3saAsFEAAYACDg0-lKQhMIn8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552005;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIrPCEgtvM_gIVlZn9Bx3OqwcWEAAYACDg0-lKQhMIoMGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3D01 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrPCEgtvM_gIVlZn9Bx3OqwcWEAAYACDg0-lKQhMIoMGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIt_qFgtvM_gIVVJP9Bx3KswxnEAAYACCG96ZFQhMIo8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552018;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6050 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIt_qFgtvM_gIVVJP9Bx3KswxnEAAYACCG96ZFQhMIo8GVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552018;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI-JGHgtvM_gIVkJv9Bx0ucAFAEAAYACDk8qZFQhMIpcGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552099;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1D02 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-JGHgtvM_gIVkJv9Bx0ucAFAEAAYACDk8qZFQhMIpcGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552099;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI26uOgtvM_gIVSuwRCB3kmggVEAAYACCS96ZFQhMIpsGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552100;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 58E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI26uOgtvM_gIVSuwRCB3kmggVEAAYACCS96ZFQhMIpsGVgdvM_gIVosi7CB0rhAh5;met=1;&timestamp=1682689552100;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaOKg9vM_gIVw6D9Bx2fcgJQEAAYACDWy6Na;met=1;&timestamp=1682689554276;eid1=2;ecn1=0;etm1=9;eid2=12;ecn2=0;etm2=8;eid4=960584;ecn4=1;etm4=0;
ade.googlesyndication.com/ddm/activity/ Frame 69F4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaOKg9vM_gIVw6D9Bx2fcgJQEAAYACDWy6Na;met=1;&timestamp=1682689554276;eid1=2;ecn1=0;etm1=9;eid2=12;ecn2=0;etm2=8;eid4=960584;ecn4=1;etm4=0;
Requested by
Host: health.grid.id
URL: https://health.grid.id/read/352900082/dapat-telepon-untuk-cek-status-vaksinasi-covid-19-kemenkes-minta-masyarakat-waspada-penipuan-mohon-diabaikan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 13:45:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=DKDJGy4EDKytspToAc5LZA
Domain
dmp.adform.net
URL
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=293c98d6-19f7-4952-9174-80bcb6249ac2&gdpr=&gdpr_consent=&gdpr_pd=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

436 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 boolean| credentialless object| dataLayer function| $ function| jQuery object| jixie_o object| jixie_p object| pbjs object| googletag function| getCookieUid string| uuid__ function| myAdDoneFunction function| SpotXPrebidRegular number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| AdTrack function| sendAdserverRequest object| Criteo object| ggeac object| google_tag_data object| google_js_reporting_queue object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_standalone_135 object| Criteo_standalone_135 undefined| google_measure_js_timing object| dfp_keywords string| safe string| keyword_targetting1 string| keyword_targetting2 string| keyword_targetting3 object| google_reactive_ads_global_state object| google_tag_manager object| d string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| bluebillywig object| _ContextAdsPublisher object| _scripter object| _jxosm function| initSlider function| createArrow function| slideIt object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| block string| text object| _mgIntExchangeNews object| MarketGidInfC1323625 boolean| mg_loaded_543415_1323625 function| parcelRequired6c3 function| triggerEventOnJQueryObject function| triggerEventOnParentById function| setAttributeOnParentById function| bbExecuteJavascript object| regeneratorRuntime object| pbjsChunk object| _pbjsGlobals object| _jxbidsq object| tmpHead object| theDocument number| fmg_cb string| characterSet string| ContextAdsServerURL undefined| targetImageSelectorValue undefined| contextAdsCampaignData string| closeBtnSrc undefined| placementID undefined| urlcat object| IPUInterval undefined| targetimageW undefined| placementID_int string| lang undefined| targetimageH string| CONTAINER_NAME string| CONTAINER_ID string| CONTAINER_CLASS boolean| TestPlacementFlag string| placementQuery string| testPlacementCondition string| reviveParam string| clickBannerId boolean| AdServerCall undefined| cSafe string| interactionTrackUrl string| interactionSelectorTrackUrl boolean| WapBool string| CurrentCity string| Budwiser_Country string| Budwiser_City undefined| forkretg string| domain string| Status object| fis undefined| timeOpened undefined| timeClosed number| secondsOpen number| totalSecondsOpen object| callAdReviveParams object| theDocumentmain undefined| sidekickexpandbutton undefined| sidekicksubcolor boolean| inViewport string| expandcreativetype object| sidekickAdDivFrame undefined| sidekickWebsiteLink string| adclicktracker undefined| websiteredirectclicktext undefined| reviveadconfig undefined| sidekickclosebutton object| prevLog string| tpimpressiontracker undefined| expandimptracker undefined| closeimptracker string| sidekicksettleframeurl undefined| autoShut boolean| isExpanded string| campaignName string| frameUrl number| maxFrequency boolean| showCloseButton number| bannerId object| SidekickZoneID number| frameOffset undefined| maincontainer number| startTime number| endTime boolean| isSandbox string| sidekickFontSize string| sidekickcolor boolean| isFif object| SideKick object| theWindow object| theFrame undefined| posReferenceElement string| posReferenceElementType boolean| fatalError undefined| publisherName string| sidekickzoneid undefined| sidekicksettleiframe undefined| sidekickStyles undefined| sidekickInnerStyles undefined| sidekickAdFrame object| sidekickAdFrameContainer undefined| sidekickAdFrameControls undefined| sidekickAdFrameCloseBar undefined| sidekickAdFrameCloseButton undefined| expandtext undefined| closetext undefined| clicktoexpandtext boolean| adShownOnce number| timeElapsedSinceLastViewPort number| totalTimeViewedViewport number| lastOutOfViewPort undefined| sidekickAdFrameClickButton object| runTimer undefined| clicktoclosetext function| init undefined| sparkAdZoneId undefined| sparkCubeAdCategory undefined| sparkAdUrlDiv undefined| sparkAdUrl function| ForkAd function| getQueryStringValue function| CreateExpandedFloorAd function| expandedFloorAdZoneCall function| applyStylestoAdContainer function| addCloseBtn function| CreateAdContianer function| RemoveContainer function| AdContainer function| PrepareAdtechCall function| SetTestPlacement function| CallRevive function| PipeLineExecutor function| buildErrorJson function| CreativeEventListeners function| handleCreativeEvents function| saveBannerInteraction function| setforkretg function| getforkretg function| checkforkretg function| updateforkretg function| getLocalStorageItem function| selectornotfoundcallprobe function| CreateInterstitialAd function| showInter function| hideInter function| interstitialAdZoneCall function| rotatingCubeAdZoneCall function| clickTracker function| addInteractiveCreative function| addiFrameCreative function| addWebsite function| slideSideKickSiteManual function| hideSideKickSite function| InViewport function| ExpandNumbers function| slideSideKickSiteAuto function| callAdRevive function| getClickTracker function| sideKickZoneCall function| SliderStart function| showSlides function| hideSlides function| sideSlideAdZoneCall function| HandlePostMessages function| expandFrame function| settleFrame function| sparkAdZoneCall function| transferKeys function| setKeyWordAttribute function| sendAnalytics function| isIE function| getParameterByName function| cadsScriptLoaded object| $fdnzone object| $fdninit function| loadAudience function| fmg_getCookieValue function| getAudience function| log function| deviceType function| isMobilePlatform function| isHomePage_cads function| cadsBrowserDetect function| osDetect function| getConfig function| FetchElement function| FetchElements function| readCookie function| writeCookie function| getPosition function| getAbsolutePosition function| ConfigEmbedder function| checkIfSubDomainExists function| injectPixel function| loadJSON function| LocateTagetImage function| LocateCaptions function| setImpulseWH function| SetPlacement function| AdtechAdditionalSettings function| CreateCustomAdContianer function| StyleAdContainer function| CheckForResponsiveIframe function| GetWapAd function| PipeLineSelector undefined| TargetImage undefined| ImpulseAdW undefined| ImpulseAdH undefined| adloaded undefined| config undefined| configWeb undefined| configWap undefined| ExectutionPipeLine boolean| $hasSubDomainConfig object| _mgUserPages object| onClickExcludes object| __ctcg_65349_0_exec object| _mgPageViewEndPoint543415 string| _mgCanonicalUri object| _mgPageView543415 string| _mgPvid function| mgReject1323625 function| mgLoadAds1323625_0fe24 function| MarketGidCReject1323625 function| MarketGidLoadGoods1323625_0fe24 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_895799 function| processGoogleToken object| googleToken object| googleIMState object| closure_lm_399577 string| jxPromisePolyfill object| JX object| player object| jxPlayerCfg1 object| videoIds function| highlightVideo function| cbOnVideoChanged function| triggerOneVideo function| showHideVideoPlayer function| gotoSlide function| getVideo function| setInline function| setSticky2 function| isVisible number| _visFactor2 object| jxtrkr object| getContBottomFrame object| getCloseBottomFrame object| getHrefBottomFrame function| showElClose_BottomFrame function| removeEl_BottomFrame function| fb_share function| tweet_share function| plus_share object| __twttrll object| twttr object| __twttr function| lozad string| base_url object| core object| __core-js_shared__ object| firebase string| site object| uuid_c object| ukid string| id string| jixie_id string| city string| useragent string| uuid function| setCookie function| getCookie boolean| JX_FLOAT_COND_COMPILE object| jxrenderercore object| jxrenderer boolean| jxsellib function| jxsel function| JxMakeOneCloseButton object| jxoutstreammgr object| _jxoutstreammgrq string| _instID object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service object| element object| target object| att object| _pop object| _popIn5_config object| PopInGlobal function| Treasure2 object| PopIn6 object| popInGlobal object| PopIn number| google_unique_id object| FB object| muxjs object| shaka object| shakaMediaCapabilities object| webpackChunkplayersdk_html5 function| initMasthead object| IVS object| default_gsi object| __G_ID_CLIENT__ object| closure_lm_859769 object| JSON3 object| __buffer object| _syntheticCVList object| closure_lm_497549 function| bugsnag string| _mgUniqueHash1323625_0fe24 object| Criteo_prebid_132 boolean| i.js.loaded boolean| i-noref.js.loaded object| jQuery112405896076156010099 object| PWT object| teadsscript object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| teads object| PopIn5Conf number| mdAdPosition object| PopIn5 function| setImmediate function| clearImmediate object| ID5 string| _controlsColor function| TreasureJSONPCallback0 string| qString function| TreasureJSONPCallback1 boolean| popInPositionAndStyle object| PubMaticSync object| closure_lm_104739

128 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: WmxThPVyJQeUGmCe2qspDGv1DIisP2QNzIgiITcUbJg-1682689534-0-AWWRp5uJz5wrFupyH1fZElE15AJ5MfvQNjwXdmcMX+4mXTpBUTrPsO/j41DiwNsm+tuka+YEHD2DTseJSeWaxfM=
.grid.id/ Name: _gid
Value: GA1.2.1569870539.1682689534
.grid.id/ Name: _dc_gtm_UA-19394023-9
Value: 1
.grid.id/ Name: _ga_44BZGBH5PG
Value: GS1.1.1682689534.1.0.1682689534.0.0.0
m1.mixadvert.com/ Name: cb2187e63857a4dbb49457cfacaa4c8b
Value: 452842%2C452841%2C452833%2C452835%2C452839%2C447162
m1.mixadvert.com/ Name: 60bb4ce4cb552b8f95b32637757c80fe
Value: 1
.grid.id/ Name: _ga_DEHFJ8M3W4
Value: GS1.1.1682689534.1.0.1682689534.60.0.0
.grid.id/ Name: _ga_JL4WNPXLQ8
Value: GS1.1.1682689534.1.0.1682689534.60.0.0
.grid.id/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.grid.id/ Name: _ga
Value: GA1.2.48352262.1682689534
.grid.id/ Name: _dc_gtm_UA-93462315-18
Value: 1
health.grid.id/ Name: uuid
Value: 034BD662-9FE5-4859-9C04-8909188574A5
health.grid.id/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgIjspkEAoYASABKAEw_5uvogY4AUABSAEQ_5uvogYYAA..
.rubiconproject.com/ Name: khaos
Value: LH0LWJ2U-1Y-87X2
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrRHDhDxE6iIT5APvdogVCbaTd6KyMQnau+SmvwaNDOnkyNKYWCcBeObBCYgwk868Qm1XbjHv8FWyL5hAXvaZVpodE4MNy5nr8=
.adnxs.com/ Name: uuid2
Value: 1964985283929887858
health.grid.id/ Name: forkrtg
Value: {"generic":"29112019"}
.jixie.io/ Name: jxuuid
Value: f4175e00-e5ca-11ed-abfc-1fec3314eae2
health.grid.id/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1323625%22%3A%7B%22page%22%3A1%2C%22time%22%3A1682689536316%7D%7D
.innity.com/ Name: iGEO
Value: DE%7E05
.innity.com/ Name: iUUID
Value: 0a4cb4b0f8fef72452f94f0d291c7a53
.criteo.com/ Name: uid
Value: 583e8884-b1ab-434c-ad36-10c65f6512c3
.grid.id/ Name: _ss_pp_id
Value: 123a060de5d25ea49871682689537082
.c.appier.net/ Name: _auid
Value: DKDJGy4EDKytspToAc5LZA
.jixie.io/ Name: jxuuids
Value: 1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537
health.grid.id/ Name: _jxx
Value: f4175e00-e5ca-11ed-abfc-1fec3314eae2
.grid.id/ Name: _jxx
Value: f4175e00-e5ca-11ed-abfc-1fec3314eae2
health.grid.id/ Name: _jx
Value: f4175e00-e5ca-11ed-abfc-1fec3314eae2
.grid.id/ Name: _jx
Value: f4175e00-e5ca-11ed-abfc-1fec3314eae2
health.grid.id/ Name: _jxxs
Value: 1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537
.grid.id/ Name: _jxxs
Value: 1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537
health.grid.id/ Name: _jxs
Value: 1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537
.grid.id/ Name: _jxs
Value: 1682689000-f4175e00-e5ca-11ed-abfc-1fec3314eae2~1682689537
.grid.id/ Name: cto_bundle
Value: lFNK2l8yaSUyQnRFJTJGdjJEeHJtNk1JaXpkZzZuUmNacEhWSlMlMkYyUkM5U2JWcVluRHp3dUJHVHdkYnBFUm1xa0NSY3gyQW54WDg5N1AzJTJGJTJGUDJzMSUyQkxmOTVja3B4WFV3ZUFNTjJqdTR6b1lpaXpwNjJ0ekMlMkJ6WmNvS1NuVnNzc2s3NWVFbzZtJTJCbHVJcWJMVDhic2Z6UlpJYUZKb0d3JTNEJTNE
.grid.id/ Name: __gads
Value: ID=1a4810d8d15c6188-22dfdb3db2dd00dd:T=1682689537:S=ALNI_MYURltY_TFZeYiXcT-MAj1U0KKY0Q
.grid.id/ Name: __gpi
Value: UID=00000bf1aa6867a1:T=1682689537:RT=1682689537:S=ALNI_MYunnmXmUPC4HTjOJYBd5KQ2dQAIg
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
.doubleclick.net/ Name: IDE
Value: AHWqTUnQVS4-XJJs3iagh91AUdb6cfbhZBrtgdZzXN1p-UAOfDzqimxaGw7I2282bpU
.popin.cc/ Name: uid
Value: 123a060de5d25ea49871682689537082
.mathtag.com/ Name: uuid
Value: 8cf8644b-ce03-4c00-85e8-fc5db86d10fc
.quantserve.com/ Name: d
Value: EIYBCwHuKPijAA
.quantserve.com/ Name: mc
Value: 644bce02-d38f0-7f13d-35b57
.yahoo.com/ Name: A3
Value: d=AQABBALOS2QCEK_8YkFml9N9O2vktbHAGC8FEgEBAQEfTWRVZAAAAAAA_eMAAA&S=AQAAAl3rOdTYDYAt6I-8aNwYz0U
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156479
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkZmFpamxhYW4KAKh3NkoQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrE0MDI0tTAzNRTiM9Q1K6soKg_1TrQocC8CANAYpwAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrE0MDI0tTAzNRTiM9Q1K6soKg_1TrQocC8CANAYpwAlAAAA
.simpli.fi/ Name: suid
Value: DF31C5C881104EA6AF30C730DE515B7C
.weborama.fr/ Name: AFFICHE_W
Value: x2CDhpdgye7H10
.de17a.com/ Name: guid
Value: 1.2592218978760150537
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084924902158651
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu&KRTB&19420-FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu&KRTB&22979-FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu&KRTB&23462-FAR7M0FVf2MPVHxpRABiZkQBfDUPA3ozFweWcdGu
.bidswitch.net/ Name: tuuid
Value: 293c98d6-19f7-4952-9174-80bcb6249ac2
.bidswitch.net/ Name: c
Value: 1682689538
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2592218978760150537
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1964985283929887858&KRTB&23339-1964985283929887858
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&KRTB&16736-uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&KRTB&23019-uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc&KRTB&23114-uid:8cf8644b-ce03-4c00-85e8-fc5db86d10fc
.bidr.io/ Name: bito
Value: AAHNNE7Il5wAACITZ2EkhQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMID
Value: ZEvOAoxSpiB3FQ.f2VeMywAA
.casalemedia.com/ Name: CMPS
Value: 5219
.casalemedia.com/ Name: CMPRO
Value: 5219
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2bcd
.adfarm1.adition.com/ Name: UserID1
Value: 7227096539328018578
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7227096539328018578&KRTB&23369-7227096539328018578
.adform.net/ Name: uid
Value: 3752914814332197283
.amazon-adsystem.com/ Name: ad-id
Value: Ax3utLnAfESyiRlP1pmdvh0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid_lu
Value: 1682689539
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENAcRXxeBaq0a0alHZKSsbg&KRTB&16514-CAESENAcRXxeBaq0a0alHZKSsbg&KRTB&23025-CAESENAcRXxeBaq0a0alHZKSsbg&KRTB&23386-CAESENAcRXxeBaq0a0alHZKSsbg
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ccab654c-28a0-5f8d-57dc-6f0903a7a810.C2dRO2xMvLyCExnB5Nc%2BJ4Icsg5poloolTUoGX0NHdg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%2BO98
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzKtlTCigX41X3G8JA6eoELnVm6Y.vAxJ7euQzhvnZf73577eZMVthmqiniipTZyrpMC%2BO98
.audrte.com/ Name: arcki2
Value: b4iVdLD9TcDT9yen00BbiuGkg!20220908!1682689539161!ip#185.213.155.166
.audrte.com/ Name: arcki2_pubmatic
Value: 97FF82A3-AC3F-4667-B596-E54CF6CDCBCD!20220908!1682689539164
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-zKtlTCigX41X3G8JA6eoELnVm6Y&KRTB&23334-zKtlTCigX41X3G8JA6eoELnVm6Y&KRTB&23417-zKtlTCigX41X3G8JA6eoELnVm6Y&KRTB&23426-zKtlTCigX41X3G8JA6eoELnVm6Y
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3752914814332197283&KRTB&23263-3752914814332197283&KRTB&23481-3752914814332197283
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1ec80eb4102cb5fd
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb=o8*Dm!@wnfH8K6pQK`!5=E<*L5?%K<f^Y6OaH8tvf@[q584+.D2*_]/BK0<jvJ/68%nugO%v4VB%nmh1)sLBg
.creative-serving.com/ Name: tuuid
Value: e616cc88-289f-47ae-8ad7-41f6bb07ae17
.creative-serving.com/ Name: c
Value: 1682689539
.creative-serving.com/ Name: tuuid_lu
Value: 1682689539
.in.treasuredata.com/ Name: _td_global
Value: 9ee78344-588b-47d7-bdb2-93400336782b
.smartadserver.com/ Name: pid
Value: 9108829653269371145
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAHNNE7Il5wAACITZ2EkhQ
.audrte.com/ Name: arcki2_ddp2
Value: b4iVdLD9TcDT9yen00BbiuGkg!20220908!1682689540000
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAHNNE7Il5wAACITZ2EkhQ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-293c98d6-19f7-4952-9174-80bcb6249ac2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 9087829175746998613
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9087829175746998613&KRTB&23150-9087829175746998613
ads.playground.xyz/ Name: connect.sid
Value: s%3AhYgrqiAXWzumcq1Z5Os1gxBSWSFF-Ghi.i%2BArmxpqb6WtqawLuPxHRgtyfgFiqJK3YqHcIwpcvsc
.linkedin.com/ Name: bcookie
Value: "v=2&7e1498e6-3764-481f-8be2-e82a3c58c5a2"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODI2ODk1NDI7MjswMjGALNiPVKCYoxYYYk75yC5JYZODMNQN2gNkoYiUp1B2lw==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2637:u=1:x=1:i=1682689542:t=1682775942:v=2:sig=AQHB68-dbcSbLz3g3zEdMXS8i_02ZsAQ"
.serving-sys.com/ Name: u2
Value: 88821098-c8bf-4ab2-a372-37259997999f4Mj06g
.serving-sys.com/ Name: A6
Value: 10+NKVyMbV1008b3000010000
.pubmatic.com/ Name: DPSync3
Value: 1683849600%3A235_227_226_219_197_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1683504000%3A63%7C1683849600%3A251_46_22_249_71_204_233_161_214_13_166_165_243_7_238_99_220_21_3_55_8_56_81_176_234_254_54_88%7C1683936000%3A35%7C1683244800%3A2_15_223%7C1685232000%3A203%7C1687824000%3A69
.onaudience.com/ Name: cookie
Value: 92fd7994ac04986c
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: f46a3335-83bc-4427-4d0a-ddb80a34f94c
.ctnsnet.com/ Name: cid_86fd86091ac7412599667ef71e7b5202
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 8abdb40c-b837-40dd-9aad-8891c4bd778f.451903543
.semasio.net/ Name: SEUNCY
Value: 1FB44FC460B6EFB1
.csync.loopme.me/ Name: viewer_token
Value: c3147946-7014-447c-bb74-87b8a9408781
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003%22%2C%22nxtrdr%22%3Afalse%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEvOCAAAAIAhzQBL
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&KRTB&23413-97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&KRTB&23479-97FF82A3-AC3F-4667-B596-E54CF6CDCBCD
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003&KRTB&17107-RX-c6cf92b5-9480-4d74-b81d-15ff4e85b1f0-003
.zeotap.com/ Name: zsc
Value: %2B%0B%2Cc%21%AF%D59%0Eq%21%02%B4%E0%18%9D%C8-%5E%EF%11%1B%EA%E5Blo%EB%D0%9E%B87DX%D5%13%C7%F4%27%7B%22%C8%AC%5E%01%5Do%9Ff%98P%1BX%11%E5%FA5%DCG%F9%DCO%F0%A7%96x%BF%EA%7Fdb%8C%3FF%21%18%E0%EB%D3%94i%2BX
.pubmatic.com/ Name: _curtime
Value: 1682689544
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.tribalfusion.com/ Name: ANON_ID
Value: avnseFtMPmFUTgUpMDViZaBcbFVpAldwNCnSVPparcbGHQ7TcbyldGEtZbDI9l2FoTRdMCrb3R9o5E7ZchQrN00
.gammaplatform.com/ Name: _aGeoIp
Value: BR|Araras
.gammaplatform.com/ Name: _aUID
Value: 11vkjsanzv4s
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-11vkjsanzv4s&KRTB&23446-11vkjsanzv4s&KRTB&23465-11vkjsanzv4s
.pubmatic.com/ Name: PugT
Value: 1682689543
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: SPugT
Value: 1682689544
ads.grid.id/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fads.grid.id%2FOSM%2Fosm-desktop-grid.html%22%2C%22svsds%22%3A1%7D%2C%22C1376263%22%3A%7B%22page%22%3A1%2C%22time%22%3A1682689546542%7D%7D
ads.grid.id/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.grid.id/ Name: _td
Value: 23c9b76b-13a4-40da-8eb6-862ab9da4793

7 Console Messages

Source Level URL
Text
security warning URL: https://s0.2mdn.net/instream/html5/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://cdn.contextads.live/publishers/grid/grid-health.config.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=97FF82A3-AC3F-4667-B596-E54CF6CDCBCD&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js(Line 117)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_234_3_0/ebHtml5Banner.js(Line 117)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://jsc.mgid.com/g/r/grid.id.1376263.es6.js(Line 270)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a907f26cda6955fac87ec1c220e6d55.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad2.apx.appier.net
ade.googlesyndication.com
ads.grid.id
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.popin.cc
apis.kompas.com
as.innity.com
asset-a.grid.id
asset.kompas.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bs.serving-sys.com
c.mgid.com
c1.adform.net
cdn.bluebillywig.com
cdn.contextads.live
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cl.imghosts.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
code.jquery.com
connect.facebook.net
content.jixie.io
core.iprom.net
cr.frontend.weborama.fr
csi.gstatic.com
csync.loopme.me
d2wy8f7a9ursnm.cloudfront.net
d5p.de17a.com
d67696bc017c369bd12aad494b26120d.safeframe.googlesyndication.com
delivery.r2b2.io
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
health.grid.id
htlb.casalemedia.com
i2.mixadvert.com
ib.adnxs.com
id.popin.cc
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageaws.popin.cc
images.outbrainimg.com
imasdk.googleapis.com
img.youtube.com
in.treasuredata.com
inrecsys.popin.cc
ipac.ctnsnet.com
jsc.mgid.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
lm.serving-sys.com
log.outbrainimg.com
log.popin.cc
log.r2b2.io
m1.mixadvert.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mcdp-nydc1.outbrain.com
mixadvert.com
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
openbid.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
player.ivideosmart.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prg.smartadserver.com
prg8.smartadserver.com
pubmatic-match.dotomi.com
pubmatic.mainroll.com
pubs.contextads.live
px.ads.linkedin.com
r.popin.cc
r2---sn-5hne6ns6.c.2mdn.net
r2b2-emea.adnxs.com
region1.analytics.google.com
region1.google-analytics.com
rock.defybrick.com
rtb-csync.smartadserver.com
s-img.mgid.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.jixie.media
search.spotxchange.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
st.pubmatic.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
stats.mainroll.com
stgrid.kompas.com
stream.jixie.media
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.teads.tv
tag.adbro.me
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
traid.jixie.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.pubmatic.com
video.jixie.media
vpaid.pubmatic.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
ad2.apx.appier.net
dmp.adform.net
green.erne.co
simage2.pubmatic.com
sync.adotmob.com
103.132.192.30
104.111.217.42
104.18.24.185
104.244.42.136
107.23.195.49
108.138.17.104
108.138.17.29
108.138.7.125
110.238.107.108
114.119.175.30
119.63.193.220
119.63.197.136
119.63.197.150
119.63.198.143
119.63.198.180
119.63.198.188
119.8.163.248
13.32.99.108
13.32.99.86
139.99.33.191
139.99.50.243
141.101.90.96
141.95.98.65
142.250.181.226
142.250.181.230
142.250.185.162
143.204.215.47
143.204.89.91
146.59.148.16
146.75.118.132
151.101.66.49
162.19.138.118
164.92.213.94
173.194.76.155
173.231.180.197
178.250.1.11
178.250.7.11
185.29.132.245
185.59.208.177
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.221
185.64.190.75
185.64.190.79
185.64.190.80
185.64.191.208
185.80.39.216
185.86.139.94
185.89.210.141
185.89.210.244
185.94.180.124
193.0.160.131
195.5.165.20
198.148.27.140
198.47.127.20
2.18.232.7
20.43.132.133
2001:4860:4802:32::36
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
213.155.156.168
213.19.147.45
216.58.212.130
223.119.20.23
23.216.77.54
23.35.229.181
23.35.229.56
23.35.236.201
23.35.237.86
23.56.202.187
23.88.86.2
2600:1f18:1aca:4280:cf6d:81b5:bf94:c60c
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:7a00:1a:ba5c:3900:93a1
2600:9000:206f:2800:16:d4d3:a440:93a1
2600:9000:223c:fc00:a:5b2c:b080:93a1
2600:9000:223f:200:8:48e:53c0:93a1
2600:9000:2250:da00:1:420f:ab00:93a1
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::6816:31fd
2606:4700:10::6816:3556
2606:4700:1::6813:854e
2606:4700:1::6813:874e
2606:4700::6810:5914
2606:4700::6812:19ad
2606:4700::6812:c2d
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:808::200d
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c0b::9b
2a00:1450:400e:3::7
2a00:1450:4010:c0b::5e
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:8::c16c:9913
2a02:6ea0:c700::18
2a02:fa8:8806:13::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f276:e8:face:b00c:0:4420
2a05:d018:d29:3601:5e70:3935:160a:9425
3.73.242.95
3.75.62.37
34.102.163.6
34.102.253.54
34.111.129.221
34.111.131.239
34.248.248.159
34.91.62.186
34.98.64.218
35.186.193.173
35.214.153.92
35.71.131.137
37.157.3.30
37.252.173.228
44.195.220.48
47.254.199.63
5.196.111.65
52.220.229.2
52.222.206.51
52.222.236.21
52.29.121.87
52.46.128.147
52.57.62.215
54.155.133.203
54.155.84.200
54.169.169.4
67.220.226.234
69.173.144.138
69.173.144.139
70.42.32.95
76.223.111.18
77.243.51.121
81.17.55.112
85.114.159.93
94.23.153.171
98.98.134.242
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
014d7fe9e37fd7ea12010975a66e9c6c40bcc0f2e1f281af694d72980e42bd23
01673a661f91f390ccf8fce73499126259f9fec05dc8aa8ad1377556e0aee6a6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
025e1ffaf2b42d0fda6a591b2f5ec81ecc1dd0d16aa1b529a691e4382f970db2
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
032f8bc8c097a8a75e34561fd18a4bfde7c48eafd5deb9584838a9a1ef8de155
03638bc68faebcc4acaef8cf76412ca41eeb1747d5c8242dd86a020c8344aa82
03aea036d7101b727344ac9853097ca385fec3cb43dcd3d9763365a69df06e41
043b855c237ef2b5110343dfbcd980267e44e97bb770d3e0d9b02dac2addd3d4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06373c7982d2ec1613c29e5f4954c2479158e9bcbffc39e0ce0b09c7c9e9939a
06da785813fb88fa53aa264bdc972cff651b0ab447fea11d0bca4a2794678739
06f6ac0647eb0fea0953a420effa243b4f0426b3975d49d04c59144889ea2df5
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0b6f7d3163f12bff50d9de3278eaafa8c44d1762120cb9e394600d2fff92b287
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c394779971f0c21a34edca73b12f190aba976711c1b0f164400413d4a3828fe
0c688d8ded0bccd109fbff45983684ba602af9a692302b75de61980c069c6cae
0cd99ca2bfb922fb3c52fa43f406bc0e1412628943e6c216c5f002dc4a50e852
0d008c0a3f6ff59b87e7d8bfda51021c2bd462c33d66118ba69c3fb9edabb4c0
0da309d2da02823e8895c23d2027acf0a07d49ba4efe2ae142f0ad9b467a3014
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
0ff67c97b157b9ae7a94c8dc9d136d6ac0b17ca927f48fd56b455b4a3b750a81
125c9212ccbe3d3cea506b8636b45bebb83dc30ee662c4f3386b9a026c83843d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129753303866eab33df3758c24910849b68ac7e287b7a6e7f5f146cc0721270d
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
1602601758af40201d0d28cb6883ce194bced6247eb561015371451f27599340
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1874f5a1f165d0a588d8a3edecf3eb281e4530e4db0503e783780b734cf02dd1
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19ebfb26fb44c94f1e79d680192b2f4524a1c0a6373378cd342586b4e8b2f16f
1a4a88b5fa3475335506f412d847d4d9b89b50f720db8e4c3bbe9c7773681e12
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
1fb6f1b86e731bc496499ac847251c2c7ba0c1cc565289806786c01931379fde
2100750f756ddf0f30671e283e36ac283c3428bd9ce6720b8b40f25810816267
22c91b997a279af6250017c6f556f9687f490faa1fa4e2b1a1dff72a39d57137
23e5c08cac53d2d04e815d7f211797319b32be9ff189275dc5329feb791b7ed0
2420eb3c442320b1f958bd28fea988c51332a5c80dda35aea85427148420c67f
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25395ce3e854ac28b091b423bf41e3b42e862e4af130167b78171da98366f216
267854b1083c97899a2c8cfdb8fa73ce3d3ce304d04145f330654c6a94038ac1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
27101d3658a60be2ad7c9802e965507b68424dc45e1892bef386adb1094e60d9
291cd06397b3e78a6c3cdd0b05344064f95d7bb1fda4fad8703412a29cbad4f5
29892863ed6a43bcac89e06a2f3632b5df38395232accc6bc953bc2868376c80
29ae66060b7f121cc2e095a336002d02fde9e9b0f7f972dc251128f0e58540c0
2a9e0440f6d7e307945f9fc5e65871f45d2c006574f93959e7aede47e763ec91
2aae7aab0d95de1b9315ce8b1d01ba1366cbf4be59751ca43f7cc08d1703707e
2b170d0f170c8bf15eddb42622363b0a1a6a360f1f480432b600085c102e5e1d
2b8e286e3fc1e9daf2c95191f8765aa137f574c3602da3cb30f47f6bcf21ce14
2bbf6d07c92d485bba6c0adc32a03785eddc022a77eaaa73f450a137857bbc4e
2c761f6efb7b0c29ae522ae9551dfb2cf89102816bff0981561ad0fea477d59f
2c941e4f096905f203b29f9dc2b7563020d0057614a55e8b77d296108819d4fe
2d1e359bcb01f052f6aae20c04a72fe98f7e25354f64dac1b733c96cec0b77f5
2dc50ae65428d79405409ef55d627783ee8e7f1c5f668d96a3ad715c2e301e0d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2ef5fcc8b290d6df2168b3d2d07d27350735f27ce1706422e6b6cd50fa35f107
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300854279a71f064b5f1b2d2cdbe71214e597b5b164caad2229a2032f47e7fce
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ced9426954ca2583c3d13df551bc45594d05b566993cecf06e5b027ab0147f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
339e892881c7d1e89172dc6c2e16ae37bfeb3b49b25e6dab581c50ed38132321
347ca7212d60810aac86cb5e7ecd7a73c9899a41442b55e35e0f59460e4bb832
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247
35cda10301108a8fe6ef37fe10171f2b1362dc48b8c2a27cab1aeaff143fd430
369fb34ae20b3e5284e62518b9b1b46f11b2cf50fe7cf0885b4c0aeb082aecfc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37e13d8e286e8ea7f782b3484247ae4398612f0e2ce7ad7b26d3ae7d2ac55116
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
38cd707764af5e7610feaee1542d30cfd86a74d0eee75df12aaf6b1d0ded65e5
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
395935b2ed248df7eaaf8f85235c19773885984df8165df1acc0efd3e39c5ee7
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
39dff9c036ea060f330b4fe5155a1c40c05dbe3c855cb570bbdf503a688a1de8
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ab37db23e8db8ffdfd3daf6a403d1a8a4a4aad438fc379a72bfa4aa18507ad6
3c5182993905dd1648e5b0267bef0a3d687da782dd1966440aaf11f2b20cd663
3ca2c160a099c291e1cc41b9d7aa5f574b5d80b5d0ad54669de94e70e59e65ec
3d1846ac6379fa24aa003e1aeaa072991a79378b02e2b7a0f4537cddfd6ef57c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
4040e04124ea531dfc072f90d959d12dfaff5622d9adc404c8f4469d7499caa0
40a68e41bee33b3de01d5e366b4967bd061b5c649aca000a48d491413fdfb7c5
40e64baaecb1167c8b9d5dbf1d845e8a158c9cb58029288052884e46c816a069
41a5bbe4a497fcb545737366bf0bf06ce06029d7d59c72081e723c88992b1dc4
41db42a288c3babc3a6508928fbc02e1fb16ada9422273149b27995889c9073f
4287533deeba3e70ee2ac903b7492a1891442ceacb4bb210169718e206348f5b
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b9d978568a7ab2c1f21a6502ac72155cd6f1fb92de8b1ad995c3da16a10a58
450bb42a171b7c0390732992ce3ef6d6da422c0409d5fc91ebe3cf87b875ec9d
455becd139d64a530b9f539876695b132493b27d972a8147440b09c31d7bce41
456a2c4bf0326f0bc407ade3ff759d2cce698028122cbef274da51e06062f078
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4816e7551f3c0bcaf0bf31c6af27d9197c2677eab98b4e8b8cc9414cbe5cd814
482aa80c18fe97787e186f3d5bd8b80dcd8306da4cc027544dfb5d29bb09a543
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af86d66ea8ef25309ec95a02719bd7ec6f1dc9e36b76ba00809354844bf88f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6cf1c7c2be57da3aaf34a3fecd3c6b9002672bdc6fa4cd73100739a288c34c
4beea9d091742d06b65c0b86ec988202604b805e65c0e63a3b165b52416337d9
4c088b4dd0d1a5ccc708e1cdf4dc6cae55b0bf23769b8976adb73512d694a330
4cc6d96be7288c37a428bd187ad55083745f84c197413a805a87f700c811325b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da12016c86d20fd4a774424b56b3c0f9d1a3cc108ffef7fa5e875e5ecaab811
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fbe7f87aa340de13baffd8b52770877e5c29dcb9e49bca49e63c16d0048510e
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521af6605e9d51e73c9ff3caaa44e8f05b520f55894fc2bb4d299f1077b1704b
52a417038a5a7907e179364f9881d09ed77a4988bb1496a14e92fc44a5045e61
52fcf9ab6d40dae8ccdb14001de9f88166f017e719830277e869cbb73baf400f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5941e5da6edbba1dc96d93b85dff34f56211ce2404b0f669ef2cece527903176
5a04990cb63f275870ed0a1babc05118813d72097e39c18fa7b62a38bd0f23d9
5a271d0e5892d3a0e1635af56f4922c653f51e0611372dd5e00a1e89c77209d8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5cf3f1ff3b9e68a6faec8abff814b05d2e09059b86b6242a8675dffa3cb78916
5f4575cd804079f0ad8613aca964acb76cac9b7988ec2c04da952f0d5d35b224
5f749894f6fd95b21acd612b16145be696306cac6956f585a29251513e5434c4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
628cf6bc266d3cc7e59d5b57747056cd10668b177cf3c618639615f81e8d546f
630769985f89ffa7c93f5b14f2172a5d9254602532699b23e0830bfbfda9b337
635f02993243061bd36f3dc1c75e7a8b3c1d44aa9be7697d94dce6cf453e819c
63d3ca66f82e13b0878a462965897746b9c39abb685fc022f1da615654ecb5f0
63ff26103a9090d395ddf49da6fb81901db90bdd37ddf86efdec251201555222
648f19750e1743a5b99b146aead04560a24cb778fa709d4fd524745ffbe0fe6b
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
656136cf92d62284887324cf2f49d5fcc708d9d63750670d9bf17c58654561c8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668daf4f00c81c3d83f7c833c332e247aab6c8b20ce28d9d428376e8d09a6f3a
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
67a09458aa2b97d54491755dcf3d3d00298de54799b49fded2de6db24e103a94
69db46220d7044b46e129a69b0e3ad94ab0bd4ecf5e82369e969ed936c5e2618
6a0a5c5609403e50a964e4b1d8bb6fa4cbc0f15d49ec32e3c5a36b9e9a8a4a54
6a44064eb80d0022edec5cc6e7348d55e7653a57b2a9286a19fa46b7e076c18c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b2f326caa647b2721ad01e623d12b367d7656fd87b852a13d60d9b230ffa946
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c679157c1362ade788c0289ca8d7ab209684a91d1d9becc9d7d902f58e25ab1
6c8e6eb903aeabcb1b491517b59e0cc3ab67692c9dda9999f728189bcf73177d
6cffbea1b3aaf749587f19e7713d17192b691c887f68b94791e8ee337985d874
6da06e91c350c7fbf1a9ad3063aebb760df1435cba455ac3a24eadb22942e1ba
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6f0342383bc9e1e70756e8dd4dd70a3c5c2afd7ece9eca1f9550589d94e24552
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
710ebb15f3d7258f83f9e78c844eb86dbb07b13082221088facf88e226bac76d
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73313bf72936d61d2cc21d5d850e94789f26667d868926fc0272fe1f62db953f
7407d52430657bba6899ca3ec53127c1053238e4a309c37817cc34826212cd16
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
75f73129bc477032125b5235e71e2e9e66bf87fb2eda4aad151ba9798e13627c
77409a842a27776bec0eb115ba6baae4ffcfc77eb0971808ddfefb0bde0b5231
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284
77c4f243280e815a8a4b843b3cd3e49b711b45c6fbc15ede1169270932f33510
77c8c6f2fd0a6e255531807e2254e793e8c4f00f2c190c40ef16da7245f71c69
78713fe18c2a237a284fd105b196cd0ac198e0add10448c4d09dcca779e6a21e
78a4a0692d8778f558d454bcbc01b0f5b2375543aac034579a166688ac92c4d4
78f21e3dc1aade746a339f6dfc049ab5f9465fb004527513d0fd1468523a94b2
795c86ca9140f5ab15efd64e171c82cfbd4306cbac92d9a8d766830ab8587ddf
7992801366895c2ca81680632c761f7bd76658d26dc047139983f0d6147d4827
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a0d0b9e4577bbd3528905ef263168d28db4a97ab863f69645eca3a485a0c8cc
7a99b8eb40b91718c44d7791e97ce94d44fd07fd29b377b8a33e178f3987073a
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7cc729d7ef43a35f7c25a0509cf62c2b0ea648281f1ffec43e57740e8bc54db8
7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06
7d7977e2cd1894f6a5c47f3684f6560e695fcf2b5d43ee4a729450bc0bdea5b6
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7dd6d65899ac0ff6050221cd39ab804bc4862a6b70428fb93f2916b66c995a93
7df1c5befd2f9b8b9128bda00128b9a8105f006e6758a52fa67b25d9018b1a81
80d4fad1fa946b25a60a3c8edea0548372bb995eb717c6c823e8cbc89064d04f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834a0cd8c915782180b7726c1531fe05e02e2ae5c6243ed0da865011abe93778
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
8516e0afcb0600974ce6ec6444efea1518b957fe79a0c91a572ed2527df6ffda
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
8562070f0843437db7f5ebd12b884ecc6b5ee8c607beea8a93ce4a50843f8cac
888e5fbb6c02233e7945443cd860a12f41246737fe10bca49e067f2001862aed
89af293e0529e75638ccd0b9f20854277f4768694c99578cad533545e00f1633
8a41d8ecc60bc823f710be5f41f4c6ec128c644d56d78c3366d621937b7b61bc
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4c3f81037f03d7851d0dc5bdc30906d542303fad118bd695131a6bd1116dd8
8ecb5d420d66b3bf0663f906da9469bed70b9b149c849ecde277988801eadefa
8f64a10fdf4f618b0727ea45a8b6a4136c62f6ffaaf7a8b7eaf4fd162be1757d
8f890e4c8d8fc78ad8cac463eecfe9e6b6e3e6e160f9641408e9bb4210362a3f
908b02033cb181b4ba53ce5548132b27486b3be34677c7a5670b1c7d0b4cfb15
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9529b0a64a297463ef67485e060c33abd87638cb8a07771b50d7766afb0752ac
95a0fc5aeb03b41aa42d828b67bf36b8fc011e110c307c7d9697b478a1cf246b
960e40684728fea2e042004e990e2e95bc8222eda7c4d559f0a73bf3fff7b9e3
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
966e35af09560f03c1ecc53c980006942d479d970ce19b5535e1b68c8114cb64
96b73c29c11ee46cca42ab7876d1ab3b78f5b13c0179c8f3f8006d543505cbf1
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9be08c21a7272ad196c40d5456f0032c89f4e8371849f1f6b0389c78f270bc27
9c5b59af5b6c86274a718bbe2f0aa1b326aef14e211b10c5a3bb6bdb7762c22b
9d9e3a6573aa8912c37008ecb47117eb9692807d0e900057d6d142433da3fbcb
9df654f494a61d81e488f3f4dab36a2d453b9557bf32c30db689d0a79cdc9654
9f28d9f6129b9735f17cd2cf2a6bd6951ab9383e5487b54b05fc57ab3a679bda
9f8eb7df3fbe2801f66be5ed819a4330a682799f8b101e4467519bb398eb4d87
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a17ebe790c0dc8c46de3a4ceb23215091877052c5b99a6a2f9cc746055326072
a26ed7e6d120d13306933dce863ec9db55532263c7ae37a29ab02dc2e41d236a
a4296c8d99c235b39527fdc60fb8774a6d719075e2713c30af08d5d0dfef785e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6880ce1cd4c2cbfc908fc7236838231a254b97f9dfd3b585884439f35beeab6
a68fef4ce7cd0b5e860e4cd6fac6468cc45feab3d42049542222923fa0a38775
a6bab38dd771d4056ff9339cfec9c45abd47461ab2d930e4c165199e0438dfcf
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a783b1a6018e7a612f5d0eaeba58b46240cd19fffcbd5a134a260501d4b73ed8
a78bbd7192e549a2214a6f47a7594a2a580ddbe7ce53b4935c72023de6dbf717
a89d6e94fc104f94c1c5ed0655ab04b5e21b566209a4c34015f568240d9583c1
a8c8f5a5eaa5ed1212829b96a844ab27a112d067399b838a98e61a676d24d5d5
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa343248b191d3a84f8a769251349eea96fe41aeaf7931398f6b13e3d86ce02d
aa432040ba5c13d5e931c699e258f9fbbffd5276c6463e306473bbb15efc52cc
aae336abd5e6ee1d571aaea262b90f26d91e96e32ecb026127b283c48e5c4907
abac5870a9c1ea59ad4d02cd7e0a7d179fad72344f9c1ce1b91228728d1bb888
ac1bea1a6cd25ab88d6d551a0ce0c4cc217dcf27d10e73b6d0a89a5197ff35ad
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
acc0b7ae81f59b02a5a37203af5e5aa98664de269454ec084f927ab693950021
acc8668870ce4533ac70038bbf44aaaa7b91be2ad4eaef00bcab8643aa5f9e6f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae63ac1e1efeb0aff984795cbb48aef235c77158cf3e6a120f99e1d9e83b03bb
b0824c87c3bcbc6399ee910c02abb4eb88ba103f4395b1826d7830817a051a99
b0d4153897be61e843baba4be43231cae1586f95537da54a7ff680171f3eeb79
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cdfc1bf7bbfde300a3895c48d89681e4ae43f7b39812314a58667ad51a71fa
b2dac81a437ce5b7a50e7b72f37faf10c1ea20da05aec20ca2ba39dc31e0e618
b39cf3025b7fec9fa5e42f926fdd547cfb4248c0133913cf372ed5c4e9c3e99f
b533bd354791c2cca309a4777f0cd0186c5b7194bc73bec261ae9250d3e0b9d6
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b68652d8acf44ce2e300ab6df7f41d76a25f5c30e9bc080423adbde4243e2fec
b7c880bf198b4d549fb99802e192c551a07dd7faf9b5c1d73da6362974898044
b8099fb062b5dccaf78f56463d3dd7f2c4ff0f76d34617c517eeba08aefbc343
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
b9097a92dc58b6cd3880cff2f7277a3c9b76684e5096054b185163eaf48293be
babbad8a7d1053f124392af6a215dffc5af9e8c36c5dc60ec15b1a516a2d2772
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb60999591ee6ddedf020d92888094d31ac04cc90199ec3c42913993161f7835
bbd0411a1b54dd09c393f94faa87501541c559767ea17d891e40bdcfdecc30dd
bbd1d77621bf718d97f2c105042ac0bd5a5459db349ee8b7695d0b636c761caf
bc13921a91dafac60dd05306b23424c5d618b5e3b1a2c5894ef71864a879d575
bc74a7bde782e5d864fa129b87e19780da625271b030ca5dd40b51d98659edf6
bed122527f5517e1c47d06361f58df3a975ea2fb0e60c75b22bb64b391fcf6e1
bf4db2f8f53ab2893d0c6da9df4b76b4246c23857c74417be7a63d595107a3ff
bf509ac01688349b5a00186efb450b2b914a5c14816422de1bb3ba6b32393c7e
c00baa2126271ea1117a6f5efa92d019c02261d076d306c9abf134ae84c13736
c03ab77d714ccf8fc6539dc5c1e6656063086ea62a9052df4304d261c8e88c0a
c0c34b2e1fd7ea13986f74928619cf3cfb44695216db0df70c7db87e7db6a923
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c3b0bb86c444d3af0de2f344d5649f3dea22b78006ec660b8c57a9d3099ee1b1
c56b20dc5743791bdcf704fce8e445e3565a3e0795436290b4c361af1faca48b
c5702531ed489db7b6b59902ceae31e57ef74890aedcc4d4b1abc348dd723d2f
c7d80adb8b867c1dd9385a92ea56473a7248d1338d6eee2da7d9194b1d963c4e
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c882cfe8a299ca410b302d9bf7a46332fce12fe63fd373dd7212d4e5f3989438
c8b88a3b6eb14c181238be3395fca76a967c1918f918eed36e0f03c4e9962b19
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74
cc0342a245f656bd0d1a3abe1668ef9b557f0e74990bc87952478deb7212a19f
cdb74d4d60bdffe68750c9495007f9aa83f19503e312d0d1ff8f52dc94bf2155
ce99e1ef0a8b095b8493b6a5ead79bfcbf298b90d9f087eb6e53dab34041cd08
cef0463aa11a4b36027f7698c218ea8f8427acb57087016c82bee242732036fa
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d0bdc7f12f47654c38b92d4f4884b6ee9fde6d105937de91e2257a4ae3a606b4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d172ecc86c494ee8e8de8cd7e5db84f0689183174e6546d57e8d73984ea47c86
d1a479a1eb88efd21efcc7384ecb8c93d466da0c6021c87e3169e25164e3bf8c
d3cb26cf3f96f84c1ee6cc1abb3c84798e8618313f4371ff3d76ce6b5b4aff6a
d7376eec3075bfa1b4fe198e724885772b1d803c0a64cba9c91187e768d86731
daee5339da0351f0b596284a85b2e71533e54cea7f8fae1f547c2f1e1aa91f77
dd1b7b6f603a148d6f3fb701585274ecc3fad1adbf6ea416ab24c19f89427270
de7416ea93d5748d4a5e1d46e9d3c7e6df20d67a76fdc613f15acabfdf341b72
e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5
e01225cb7adfe0fedba2e955c952bdb38594d5f3413acb856defd77d32605b8e
e290dc1c1687754eb993a52f862922cc66e154f394ce48500901c4969c1e0303
e2d562d8c984b21383db1cbae9e999e38f5eafe67312242b2319f570e8975e36
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5f3227e2e31b1212dae5f7d5efd24656ef31949913b16585233c0404067216e
e6040019a0efaa88de24b8c8c6fe247c26418220aac4d51779a004fde113b334
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9bdc03b02fb2ee9cda29955b68b5b11c670c612d868260738cedc2270996117
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
eceab14afb6511a91b9918fdcd008cfff68609a27d9d43bcd932ef8f56ad3f23
eee7d0e02b19240b6d9fb30de1b6a366345b05adde615b8741d3a32fe3dd9358
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048
eefe0bc1bc1c6d4fe06f07c40d6c4dfec463f1c4874c78bce9efe0ef1aaa8315
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed81850e59d22324b788d67c2df5462c4ac3e5d7fed27e88d7cba5cff754d7
f0fc52a6a8aa9e62d040a390962506c03551e4ff87665162127ef5a92fa73672
f2143dd73b717eeb668e7a10162553dfde18d8faa3b96f30ef67f9a78c4a6f85
f2986eb25c1bb5d3076c2efc2970a0443e343e833506ec246b3f3938fb12b338
f498acfab40dc89548d6e8038f9ea963b962f3175759662722af93db4ba164c7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e13b65aa8de4d3bb4345180f34c13d57def9fca43c909bbc85ce526248b335
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e4e5372b8b03f98e8461f9bd5ad748daea5666b3d9c60e2cee3becc42982e6
f6e67dba822bfb126e761cb43bd577ec245f60c6e222379a1d1144a02e7713ab
f72b717dfeb18b0e513c0ca4dabb1cca150a35029e0fe0ccca1524beace1b696
f7ffa6fea5799287955bbccb8247344d1b93a2e2becfc2c7ccd92b44b9279bee
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0
fa0a88c51b8cea7025715b8adba139f47a8c9ca198e390ac108b7b05d7bc1606
fc12ea0f13ccbf067370db395a3d6562d863cf832fdcc8a030386a656a9b5aab