urlscan.io logo urlscan.io
SecurityTrails logo

bonus.cekmedia.my.id Open in urlscan Pro
103.134.153.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bonus.cekmedia.my.id/
Effective URL: https://bonus.cekmedia.my.id/
Submission: On March 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 37 HTTP transactions. The main IP is 103.134.153.80, located in Singapore and belongs to CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG. The main domain is bonus.cekmedia.my.id.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time bonus.cekmedia.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    103.134.153.80 (Singapore)

ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG)
PTR: kelapa.cloudhost.id
www.bonus.cekmedia.my.id
bonus.cekmedia.my.id
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
pagead2.googlesyndication.com
1    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.251.179.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f155.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    172.253.62.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f106.1e100.net
www.google.com
9    172.253.115.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f102.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
13 cekmedia.my.id
www.bonus.cekmedia.my.id
bonus.cekmedia.my.id
81 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
70 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
207 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
257 B
1 gstatic.com
fonts.gstatic.com
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
100 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
37 8
Domain Requested by
12 bonus.cekmedia.my.id bonus.cekmedia.my.id
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 pagead2.googlesyndication.com bonus.cekmedia.my.id
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com bonus.cekmedia.my.id
1 fonts.googleapis.com bonus.cekmedia.my.id
1 www.bonus.cekmedia.my.id 1 redirects
37 11

This site contains no links.

Subject Issuer Validity Valid
www.bonus.cekmedia.my.id
R3		 2024-03-29 -
2024-06-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://bonus.cekmedia.my.id/
Frame ID: 5DAB539C7BFCA2DC6A294765E11491B0
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5091720344107094&output=html&adk=1812271804&adf=3025194257&lmt=1711731507&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x750_l%7C260x625_r&format=0x0&url=https%3A%2F%2Fbonus.cekmedia.my.id%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711731506926&bpp=4&bdt=1119&idt=447&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8443905918163&frm=20&pv=2&ga_vid=201804473.1711731507&ga_sid=1711731507&ga_hid=2083592200&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95320378%2C95328826&oid=2&pvsid=4184883043251867&tmod=701444571&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Frame ID: A99C9DD733D7153628B346E7FE56A2C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44B7CAE450EC1365FC5856913E0124EE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92DADBC38AD0E977148AC3CC7FB3F8D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bonus - Informasi Modal Usaha, Event Berhadiah & Aplikasi Penghasil Uang

Page URL History Show full URLs

  1. https://www.bonus.cekmedia.my.id/ HTTP 301
    https://bonus.cekmedia.my.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

58 %
IPv6

8
Domains

11
Subdomains

13
IPs

2
Countries

498 kB
Transfer

1472 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bonus.cekmedia.my.id/ HTTP 301
    https://bonus.cekmedia.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bonus.cekmedia.my.id/
Redirect Chain
  • https://www.bonus.cekmedia.my.id/
  • https://bonus.cekmedia.my.id/
47 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed / PHP/7.4.33
Resource Hash
7f7d7754fdbde7093924394c7fa5b8ad622e0d05a45c256e80b4b6c41f129b82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 16:58:26 GMT
link
<https://bonus.cekmedia.my.id/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 16:58:25 GMT
location
https://bonus.cekmedia.my.id/
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
style.min.css
bonus.cekmedia.my.id/wp-includes/css/dist/block-library/ 		108 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 17:32:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13600
expires
Fri, 05 Apr 2024 16:58:26 GMT
idblog-core.css
bonus.cekmedia.my.id/wp-content/plugins/idblog-core/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:15:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1670
expires
Fri, 05 Apr 2024 16:58:26 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C&ver=2.1.1
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f5e00fb396a85f6c65dd7c98fb54e2b280a8e0c653e417bba8a7255f8102af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
Origin
https://bonus.cekmedia.my.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 16:58:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Mar 2024 16:58:26 GMT
style.css
bonus.cekmedia.my.id/wp-content/themes/superfast/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/themes/superfast/style.css?ver=6.4.3
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
698a0a9ec46b00a5df6f41eb453773dce038e24cb813bce1f31843e67ca1e9c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:13:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9357
expires
Fri, 05 Apr 2024 16:58:26 GMT
jquery.min.js
bonus.cekmedia.my.id/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 15:44:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Fri, 05 Apr 2024 16:58:26 GMT
jquery-migrate.min.js
bonus.cekmedia.my.id/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 04:19:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Fri, 05 Apr 2024 16:58:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5091720344107094
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc03cb57f966cca09f0b422cec25fe79c265607a72064a7063cab805c1a992e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
Origin
https://bonus.cekmedia.my.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50923
x-xss-protection
0
server
cafe
etag
14857288152317714999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 29 Mar 2024 16:58:26 GMT
js
www.googletagmanager.com/gtag/ 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FLVYE46872
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d646a0480bae9498cda57e877d35bbd035e8db5efaba0427c1095607c4f5ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102004
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Mar 2024 16:58:26 GMT
4e07c9bd-2952-45fe-a810-7319ecb0988d
https://bonus.cekmedia.my.id/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bonus.cekmedia.my.id/4e07c9bd-2952-45fe-a810-7319ecb0988d
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
js.cookie.min.js
bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:19:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
665
expires
Fri, 05 Apr 2024 16:58:26 GMT
jquery.iframetracker.min.js
bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:19:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1065
expires
Fri, 05 Apr 2024 16:58:26 GMT
aicp.min.js
bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		777 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:19:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
374
expires
Fri, 05 Apr 2024 16:58:26 GMT
customscript.js
bonus.cekmedia.my.id/wp-content/themes/superfast/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-content/themes/superfast/js/customscript.js?ver=2.1.1
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:26 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2024 15:13:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4319
expires
Fri, 05 Apr 2024 16:58:26 GMT
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C&ver=2.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bonus.cekmedia.my.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:55:15 GMT
x-content-type-options
nosniff
age
205391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39412
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:55:15 GMT
wp-emoji-release.min.js
bonus.cekmedia.my.id/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: bonus.cekmedia.my.id
URL: https://bonus.cekmedia.my.id/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:28 GMT
content-encoding
br
last-modified
Wed, 01 Feb 2023 23:23:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Fri, 05 Apr 2024 16:58:28 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5091720344107094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141417
x-xss-protection
0
server
cafe
etag
15584447750450052148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 16:58:27 GMT
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FLVYE46872&gtm=45je43r0v9181436562za200&_p=1711731506577&gcd=13l3l3l3l1&npa=0&dma=0&cid=201804473.1711731507&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711731506&sct=1&seg=0&dl=https%3A%2F%2Fbonus.cekmedia.my.id%2F&dt=Bonus%20-%20Informasi%20Modal%20Usaha%2C%20Event%20Berhadiah%20%26%20Aplikasi%20Penghasil%20Uang&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLVYE46872
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 16:58:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.cekmedia.my.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A99C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5091720344107094&output=html&adk=1812271804&adf=3025194257&lmt=1711731507&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x750_l%7C260x625_r&format=0x0&url=https%3A%2F%2Fbonus.cekmedia.my.id%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711731506926&bpp=4&bdt=1119&idt=447&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8443905918163&frm=20&pv=2&ga_vid=201804473.1711731507&ga_sid=1711731507&ga_hid=2083592200&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95320378%2C95328826&oid=2&pvsid=4184883043251867&tmod=701444571&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.cekmedia.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Mar 2024 16:58:27 GMT
expires
Fri, 29 Mar 2024 16:58:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-5091720344107094
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5091720344107094?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2b3e22288f7f3960c8b83c6b83d7c25670c863982dc72bfa8bdd6e1199f1f35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PIDZaJZlXNG35nYV7gTV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-PIDZaJZlXNG35nYV7gTV0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDseXZ7A1sAj9-P3rMCADcLzIh"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV0dvyoS-wRXi9A4GBc2ENXXCcTKYtR4tWlYZKOHc05FdbT5etOA1BwHbEmGTsY-Yw6oS-rz8xXBQp-nN8m_ZU9tKOPp3-a9xE7zkk_DChzI8EsNwCgbAHOed-8S9MEsCeFmnVsew==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV0dvyoS-wRXi9A4GBc2ENXXCcTKYtR4tWlYZKOHc05FdbT5etOA1BwHbEmGTsY-Yw6oS-rz8xXBQp-nN8m_ZU9tKOPp3-a9xE7zkk_DChzI8EsNwCgbAHOed-8S9MEsCeFmnVsew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzMxNTA4LDYxMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ib251cy5jZWttZWRpYS5teS5pZC8iLG51bGwsW1s4LCJSeW5vNEZEOWlURSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1611d87932700d934ba3a52bfce3eca1063e7ffd6f48b5448bf4416638763994
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xcf0G71L_rxIldVL4OHFxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-Xcf0G71L_rxIldVL4OHFxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDseXZ7A1sAhPmzNvNBADarjD2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240327&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
709741d280d0deb290d7471987139597c9abd4b803b89ebfa8559901bfe31e56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12259
x-xss-protection
0
favicon.ico
bonus.cekmedia.my.id/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bonus.cekmedia.my.id/favicon.ico
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.134.153.80 , Singapore, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
kelapa.cloudhost.id
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 16:58:29 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1238
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 16:58:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.cekmedia.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
166508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 18:43:21 GMT
expires
Thu, 27 Mar 2025 18:43:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 92DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3qVnUwWqCOH5iPYQ9t73IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonus.cekmedia.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3qVnUwWqCOH5iPYQ9t73IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Mar 2024 16:58:29 GMT
expires
Fri, 29 Mar 2024 16:58:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
fundingchoicesmessages.google.com/f/AGSKWxUpW3hl7262hgEg2P6TFcf7bglsAjBQKVLht6aNRN2yD4YkbdjmhsCSfSleqtWyZI-bUEhWI0HTbSY1EDTco4Bo6-DUe_-p1h-g8Aq5BW2HfUrVAPdj69oN7kN68CClY6LXy7Ywf3CYgUlcQ07Dat3cklPpe... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUpW3hl7262hgEg2P6TFcf7bglsAjBQKVLht6aNRN2yD4YkbdjmhsCSfSleqtWyZI-bUEhWI0HTbSY1EDTco4Bo6-DUe_-p1h-g8Aq5BW2HfUrVAPdj69oN7kN68CClY6LXy7Ywf3CYgUlcQ07Dat3cklPpenvCrAfihexGrWgkJJDRuhPNkW8-nZKm/_/wp-bannerize./adcount..com/adx/&adnum=.win/ads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
cec8825184b07b983453596e45f27f27488c0423629c9d424854b51b63125bcc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6uv4NWgJ_o_ZUeZsuAKDaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6uv4NWgJ_o_ZUeZsuAKDaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDsfXZ7A1sAjOa959gBADZozEQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 02:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
53216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Apr 2024 02:11:33 GMT
AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KrxiNfHL_fUNCJWgJr3cwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-KrxiNfHL_fUNCJWgJr3cwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2ARWLHz5khEAxn4Mog"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bonus.cekmedia.my.id
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0Tlwh0_0EuaWtXNoXP4cFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0Tlwh0_0EuaWtXNoXP4cFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2AQe3L_5ihEAydYNFA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bonus.cekmedia.my.id
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vmCL2CAXRZwB0jiuRtj9cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vmCL2CAXRZwB0jiuRtj9cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2AR-LH_5ihEAyTgNAQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bonus.cekmedia.my.id
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-krs7C-gv9UzyJ7SNW1EGpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-krs7C-gv9UzyJ7SNW1EGpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2AR27P_whhEAyRsM5w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bonus.cekmedia.my.id
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXXWS8Nv-_o7VRfGuP6Z3BRTcFZ7plDYi6XNXh8Rqm8XjKjCsqd0uq8xcqpgNRk7eiSOyxc3Paq5Dmy2gDDbtOwb6dAsKZt0qSOPnqWWS2-VZu3hIcGtMGkLuLEfRYCz8ZZml0aoQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXXWS8Nv-_o7VRfGuP6Z3BRTcFZ7plDYi6XNXh8Rqm8XjKjCsqd0uq8xcqpgNRk7eiSOyxc3Paq5Dmy2gDDbtOwb6dAsKZt0qSOPnqWWS2-VZu3hIcGtMGkLuLEfRYCz8ZZml0aoQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzMxNTA5LDQ0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYm9udXMuY2VrbWVkaWEubXkuaWQvIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
9d9103d6ee1de572f8da3f903ceed5f0fe9c5b556d9f58ca34515b182ff54392
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7f9618gdaAs4IukE6wJ02Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7f9618gdaAs4IukE6wJ02Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDsfXZ7A1sAi-e9L1mBADc3DG0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMWfVpSQx3AkYI7mfNPnsqF21EC6zoxL2JRZ_X3Z60eOgkFPALSh_ib3R6Cip33q3_hHdgjYMZjsY4eYdAxu-hOTwX-fCnU9PX9IuajNLociGS_NZ0zVU3W_DY3W1m0k_hHFZsNA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUMWfVpSQx3AkYI7mfNPnsqF21EC6zoxL2JRZ_X3Z60eOgkFPALSh_ib3R6Cip33q3_hHdgjYMZjsY4eYdAxu-hOTwX-fCnU9PX9IuajNLociGS_NZ0zVU3W_DY3W1m0k_hHFZsNA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzMxNTA5LDUyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ib251cy5jZWttZWRpYS5teS5pZC8iLG51bGwsW1s4LCJSeW5vNEZEOWlURSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
45e2ef286ed5b16fed9e5f098f8c90e85a33f3b849ee349f805bd3b4c1b08667
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B3_7O3yNnY25yffzFlFEQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B3_7O3yNnY25yffzFlFEQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEw7H12ewNbAIT3vb2MQEAKcE2FA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVNc2vMjj90ZyQ1gSujwrBZg6d2-q0cJ-FvcP49GzMXKiX0MI5C3sHbquJAlkmgUSMGeFHPvC2N8J9UhdM5boPU757XYkcgygTmyKwFhChrLB9bq6Rj8L3SYosiBZnDVHKk4lAaaw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVNc2vMjj90ZyQ1gSujwrBZg6d2-q0cJ-FvcP49GzMXKiX0MI5C3sHbquJAlkmgUSMGeFHPvC2N8J9UhdM5boPU757XYkcgygTmyKwFhChrLB9bq6Rj8L3SYosiBZnDVHKk4lAaaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w52u4LLFCfRJtRI7GveZ1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-w52u4LLFCfRJtRI7GveZ1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2AR-3Hu4hgkAyV8M8g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bonus.cekmedia.my.id
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVp9CpAGc_NgiIzTO-R92clniQJiMWFlDEAb9ZSe5ED1v5XYZ5bIkl3ModNsYL8M6eEmGddZDWOR5Mx-u65Jq7MdWeFV66syxSYU5PVynjMvTpi2b8yIdVNi_0A0LzT4HVfC_AcVA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x3tVazPU_u_Jk0FVzK8V3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bonus.cekmedia.my.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 16:58:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-x3tVazPU_u_Jk0FVzK8V3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2Prs9kb2AQ62t6sZQIAxuAMPQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bonus.cekmedia.my.id
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240327&jk=4184883043251867&bg=!9vWl9brNAAYQOWS2MDk7ADQBe5WfOMRXSFqxFOO1_5rH2k6cQ36RkWN_KT-p_IOY8wmsjkFXBye2OnNM_8dp9XncwKD-AgAAADtSAAAAAmgBB34ANeeIbiZ1LntilkjTKsibBZiWnyLK88odZtclniIzGlM-k-mT0BsHuLIkjt4lg3NBzZVXw9G-mQKjOFOVxYF0NxaPNbso73Md3rAMfz4OmM-zjn5zjP1cXflTVXvwbBU_o_zl_tuzMEaOwbYNc-ZS5eCe_RVm7Evik9XbJd1Hktd2OXNFAgSXq_PIhu96MiKU0mfS34Q_2JGAQloxWyC7WABSKflo7zzn2uyD3jRQDfMUhiLxZ5-mfiD_QjtyZBCWvK65Bw45-RMwOsuHwVrxWBatB0vt7R1jZBVyrNDKZS83PS0p0Dguj7WKEJ_rynkjStBpMTmCg7uXMaFVf9mARaq63Livc3VlFETC5LdA1hnJR7ux-5V9kkBk-_nnCBwXSDia6uAz8b5ZJ1j0ykz6ICsq9IbKgPLREdwe4HbGcMdWDHz8vRnkx2vgV4nheBkUKo2frDC9wvsDdprJEAX0NrJXiYQ-JcTB2-c9mNeBLmvyttmzZatpzsHSvsomNhSGA6t_LodOUoWejGneKrEacWr7-xX3_WP3JPeKBhqbubCw4eq91fVuLvOyH4LfcgoQ4Ck1eQECEDC5AnaypVxQEyYwl8ZjL-Xgiw0P-o_zhx9mg9rRC8zKG0yWIxtJWfW38FnQbRncjuL399VKDo1VjkWFTVkn953iAXPrHOsdq1HEZ--GX5s8etf5dmhzbvEsaECxv7ou8J2NQcf2v0YcjoGSeTKinruwrP2d_LcQxth5SQHFEsY-H4kBjr0fnM-mqqp1gRzpu4CiwR80FDoADOIeKn8rpM3e6cMfEkHjhu7Ir-cDabojQnZxpouQDs9tPypvzAADbzMyqiS9QUnjbBLOVfJGzmCQT282mH7O4ofTJrr1bg1Ov1N4jb_kEB5f1j_aG4kKFqK49JLvz_65IZQ332padoHWX7xGay7Qdi4XZ1ADxV_XtyRNNp6_9VlbHeBn2YtaxyrdPugq

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onpagereveal object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer undefined| Cookies object| AICP object| sidr object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YmE5MmEwOTdhOWZlZGZjYmxvYWRlcl9qcw== string| YmE5MmEwOTdhOWZlZGZjYmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| google_empty_script_included boolean| f417458f-59c2-4d91-a973-3a495db5ae16 object| google_image_requests

4 Cookies

Domain/Path Name / Value
.cekmedia.my.id/ Name: _ga
Value: GA1.1.201804473.1711731507
.cekmedia.my.id/ Name: _ga_FLVYE46872
Value: GS1.1.1711731506.1.0.1711731506.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cekmedia.my.id/ Name: FCNEC
Value: %5B%5B%22AKsRol8IzYR7sgWuSpnexfJJJtokZ3uzmP0-aGE0y7CCvEFF9IfdsJzb-RIrIKASNqSz0zzNZ1SjbLfbt2f_avKzfajlxSyQjTl3hKJIJFz9vugTJ3hzKfFArIB88QurKPj9kbZZedO11R9vPmzSzX_zUAUNk1Bonw%3D%3D%22%5D%5D

2 Console Messages

Source Level URL
Text
other warning URL: https://bonus.cekmedia.my.id/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bonus.cekmedia.my.id/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bonus.cekmedia.my.id
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bonus.cekmedia.my.id
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
103.134.153.80
142.251.179.155
172.253.115.102
172.253.122.156
172.253.62.106
2001:4860:4802:36::178
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c19::61
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
1611d87932700d934ba3a52bfce3eca1063e7ffd6f48b5448bf4416638763994
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45e2ef286ed5b16fed9e5f098f8c90e85a33f3b849ee349f805bd3b4c1b08667
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698a0a9ec46b00a5df6f41eb453773dce038e24cb813bce1f31843e67ca1e9c5
709741d280d0deb290d7471987139597c9abd4b803b89ebfa8559901bfe31e56
7f7d7754fdbde7093924394c7fa5b8ad622e0d05a45c256e80b4b6c41f129b82
842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
8d646a0480bae9498cda57e877d35bbd035e8db5efaba0427c1095607c4f5ddf
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9d9103d6ee1de572f8da3f903ceed5f0fe9c5b556d9f58ca34515b182ff54392
9f5e00fb396a85f6c65dd7c98fb54e2b280a8e0c653e417bba8a7255f8102af0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc03cb57f966cca09f0b422cec25fe79c265607a72064a7063cab805c1a992e2
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cec8825184b07b983453596e45f27f27488c0423629c9d424854b51b63125bcc
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa
f2b3e22288f7f3960c8b83c6b83d7c25670c863982dc72bfa8bdd6e1199f1f35