urlscan.io logo urlscan.io
SecurityTrails logo

www.cekaja.com Open in urlscan Pro
2620:1ec:46::44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsletter.cekaja.com/l/587634PifyutSCh7IX85tELQ/1O4b14QsUO4qPJrbkde1jQ/2hm2iKW5ZPTWCr1onMoMwQ
Effective URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Submission: On September 23 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2620:1ec:46::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.cekaja.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 7th 2022. Valid for: a year.
This is the only time www.cekaja.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.214.171.83 14618 (AMAZON-AES)
12 2620:1ec:46::44 8068 (MICROSOFT...)
2 2606:2800:233... 15133 (EDGECAST)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.208 8075 (MICROSOFT...)
1 2 137.116.153.238 8075 (MICROSOFT...)
26 11
1    3.214.171.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-171-83.compute-1.amazonaws.com
newsletter.cekaja.com
12    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.cekaja.com
js.monitor.azure.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn-vz-main.cekaja.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    13.69.106.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    137.116.153.238 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
identity.cekaja.com
Apex Domain
Subdomains		 Transfer
16 cekaja.com
newsletter.cekaja.com
www.cekaja.com
cdn-vz-main.cekaja.com
identity.cekaja.com
999 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 819
280 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
33 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6352
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
204 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
442 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2377
45 KB
26 9
Domain Requested by
11 www.cekaja.com www.cekaja.com
js.monitor.azure.com
3 www.google-analytics.com www.cekaja.com
www.google-analytics.com
2 identity.cekaja.com 1 redirects js.monitor.azure.com
2 dc.services.visualstudio.com js.monitor.azure.com
2 connect.facebook.net www.cekaja.com
connect.facebook.net
2 cdn-vz-main.cekaja.com www.cekaja.com
1 www.google.de www.cekaja.com
1 www.google.com www.cekaja.com
1 www.facebook.com www.cekaja.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.monitor.azure.com www.cekaja.com
1 newsletter.cekaja.com 1 redirects
26 12

This site contains no links.

Subject Issuer Validity Valid
*.cekaja.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-02-18		 a year crt.sh
sni8aa7gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-07 -
2023-10-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-06-26 -
2023-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-07 -
2023-09-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Frame ID: 30B5C0275E440FB2AFB67F5027BB994E
Requests: 24 HTTP requests in this frame

Frame: https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg
Frame ID: B47C4F98675C1946B57AAE4E73DCFE0C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tabungan Terbaik Wizard

Page URL History Show full URLs

  1. https://newsletter.cekaja.com/l/587634PifyutSCh7IX85tELQ/1O4b14QsUO4qPJrbkde1jQ/2hm2iKW5ZPTWCr1onMoMwQ HTTP 302
    https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

26
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

12
Subdomains

11
IPs

6
Countries

1098 kB
Transfer

3093 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsletter.cekaja.com/l/587634PifyutSCh7IX85tELQ/1O4b14QsUO4qPJrbkde1jQ/2hm2iKW5ZPTWCr1onMoMwQ HTTP 302
    https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://identity.cekaja.com/connect/authorize?client_id=js&redirect_uri=https%3A%2F%2Fwww.cekaja.com%2Faccount%2Fidentity%2Fsilent&response_type=code&scope=openid%20profile%20web_api&state=adb624588b4e4af9ba53f432ca4668a8&code_challenge=gbswUrbGUs9Etqk2Hl_drNKDa7mmX4Ss5r4283bobKA&code_challenge_method=S256&prompt=none&response_mode=query HTTP 302
  • https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tabungan
www.cekaja.com/wizard/
Redirect Chain
  • https://newsletter.cekaja.com/l/587634PifyutSCh7IX85tELQ/1O4b14QsUO4qPJrbkde1jQ/2hm2iKW5ZPTWCr1onMoMwQ
  • https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a968abb89bd9eadfe5f6d928bde336f3b23a04176b3ca214fe28afc3bec0138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
11011
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 13:08:45 GMT
expires
-1
pragma
no-cache
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-azure-ref
03a8tYwAAAADI5+XhZXEORI/IPHf6jI/fQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
x-cache
PRIVATE_NOSTORE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generator
Orchard
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 13:08:44 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022#Page1
Server
Apache/2.4.29 (Ubuntu)
wizard.css
www.cekaja.com/Themes/C88PortalTheme/Styles/ 		259 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/Themes/C88PortalTheme/Styles/wizard.css
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ffbe3b51b81ac85033b799ded5cea6642424a391b2a66d1a3b69de31ecdf527c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-cache
TCP_HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 26 Jul 2022 14:10:56 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:45 GMT
x-azure-ref
03q8tYwAAAACFlMNZ5Ov1R4lGnvLmEkVBQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
etag
"018d485f9a0d81:0"
accept-ranges
bytes
img-loader.png
cdn-vz-main.cekaja.com/media/Default/Cekaja/ 		95 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-vz-main.cekaja.com/media/Default/Cekaja/img-loader.png
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B6A) /
Resource Hash
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 13:08:46 GMT
content-md5
mV62revoVCnxvi50y9GBfg==
age
1298011
x-ms-meta-cbmodifiedtime
Sun, 17 Jul 2016 23:18:38 GMT
x-cache
HIT
content-length
95
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jan 2018 18:13:19 GMT
server
ECAcc (ama/8B6A)
etag
0x8D5680D24432F63
content-type
image/png
x-ms-request-id
09d240f4-d01e-00e2-6e7f-c3dae4000000
cache-control
max-age=2678400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Sun, 23 Oct 2022 13:08:46 GMT
standardwizardscript
www.cekaja.com/bundles/scripts/ 		1 MB
513 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/bundles/scripts/standardwizardscript
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
165be9666f976f6e009e6c707663d6db97a1664b579afba2920deee6edb6812c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
TCP_HIT
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
last-modified
Fri, 23 Sep 2022 12:41:51 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:45 GMT
x-azure-ref
03q8tYwAAAADyQhr8yREZR6wT6SqXhGe9QU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
public
expires
Sat, 23 Sep 2023 12:41:51 GMT
Globalize.js
www.cekaja.com/wizard/libraryscript/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/wizard/libraryscript/Globalize.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
65bbaa03a775e6fde0cff077a89d36c781392c229420564b3c57adf47904821d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
PRIVATE_NOSTORE
vary
Accept-Encoding
content-length
16928
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:46 GMT
x-azure-ref
03q8tYwAAAACF7lwrsJVVRpvhjoUkQfyCQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
private
GlobalizeLocale_ID.js
www.cekaja.com/wizard/libraryscript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/wizard/libraryscript/GlobalizeLocale_ID.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5ffb1d62fac1fcfab4e4db7c8d27d249a450b352fd0c06fefed2aa7014cafe27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
PRIVATE_NOSTORE
vary
Accept-Encoding
content-length
931
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:46 GMT
x-azure-ref
03q8tYwAAAAASVW5VvbUpR5ZZJ4OiIJTcQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
private
WFSMalmo.js
www.cekaja.com/wizard/libraryscript/ 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/wizard/libraryscript/WFSMalmo.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e531548aed7e8a11410ce8a072eb62a8abf6d78723b4136304ea73012b10991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
PRIVATE_NOSTORE
vary
Accept-Encoding
content-length
24106
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:46 GMT
x-azure-ref
03q8tYwAAAADfx6mbf1toSrRDtgY9nKnwQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
private
CASAWizard.js
www.cekaja.com/wizard/script/ 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/wizard/script/CASAWizard.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b8382d233b285e3ed830e739cc1e5b78eeb551c96dd246cbe4faa6bc0b431ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
PRIVATE_NOSTORE
vary
Accept-Encoding
content-length
10012
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:46 GMT
x-azure-ref
03q8tYwAAAACXpX0SFKOyTq5eUwEaZW5aQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
private
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
oysHLcaMEtiKv36dVADWYbHw0UOMDiOGRS0ywWFOpoTkn+HIgcFTwqYiJdpvzKFWXpPdGo1W5x0MenyuqgenIQ==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 13:08:46 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
6768
date
Fri, 23 Sep 2022 11:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Fri, 23 Sep 2022 13:15:58 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0b6653128ad20e90b1bf6c49217a4730919307da8b1fdb75a4c0813a6a30d5d

Request headers

Referer
https://www.cekaja.com/
Origin
https://www.cekaja.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 13:08:45 GMT
content-encoding
br
last-modified
Wed, 14 Sep 2022 17:06:53 GMT
content-md5
H8Ds/l+aJsCZr7YO9V9k0w==
etag
0x8DA967385DDEAD4
x-azure-ref
03q8tYwAAAAAGNdA3zqUoRocSwWNt3hXNQU1TMDRFREdFMTgxOQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
743c6699-a01e-0063-354a-cf758e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-meta-aijssdkver
2.8.7
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.7.min.js
x-ms-version
2009-09-19
c88-wizards-icons.woff2
www.cekaja.com/Themes/C88PortalTheme/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/Themes/C88PortalTheme/fonts/c88-wizards-icons.woff2
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/Themes/C88PortalTheme/Styles/wizard.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3e44b17f2ae7daf2c007a333268c0061dee098213100215faf581702f7b3dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cekaja.com/Themes/C88PortalTheme/Styles/wizard.css
Origin
https://www.cekaja.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 26 Jul 2022 14:10:54 GMT
server
Microsoft-IIS/10.0
etag
"0eba284f9a0d81:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800,public
date
Fri, 23 Sep 2022 13:08:45 GMT
x-azure-ref
03q8tYwAAAADRsDN4u3PqTLM7bDsNDnD7QU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
accept-ranges
bytes
content-length
13704
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1812897527&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cekaja.com%2Fwizard%2Ftabungan%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DDanamon_CASA_23_09_2022&ul=en-us&de=UTF-8&dt=Tabungan%20Terbaik%20Wizard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1941560613&gjid=1272955304&cid=405422858.1663938526&tid=UA-49658582-1&_gid=136538449.1663938526&_r=1&_slc=1&z=681562205
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cekaja.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 13:08:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cekaja.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-49658582-1&cid=405422858.1663938526&jid=1941560613&gjid=1272955304&_gid=136538449.1663938526&_u=IEBAAEAAAAAAAC~&z=966939139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cekaja.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 23 Sep 2022 13:08:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.cekaja.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1532790063704683
connect.facebook.net/signals/config/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1532790063704683?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f3b95b9186089503cc16f8408a149f0013c644d419071f9c7cdd50a373b2ba1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6897
x-xss-protection
0
pragma
public
x-fb-debug
GPO5DC4TnkDlFvMGDYZCTbkH/hrgaQM8MMyinZBCNM2K/e3PaXPqYqGvAGEoLOD5yeWZ42nwpflfMc+v20boYQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 13:08:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1532790063704683&ev=PageView&dl=https%3A%2F%2Fwww.cekaja.com%2Fwizard%2Ftabungan%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DDanamon_CASA_23_09_2022%23Page1&rl=&if=false&ts=1663938526323&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663938526321.269038632&it=1663938526258&coo=false&rqm=GET
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 23 Sep 2022 13:08:46 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
logo-cekaja.svg
cdn-vz-main.cekaja.com/media/Default/Cekaja/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-vz-main.cekaja.com/media/Default/Cekaja/logo-cekaja.svg
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9F) /
Resource Hash
0b50449b915c876d0fa16b58ca8ab18c30070082ec8b9899f8b9e0436e30d8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 13:08:46 GMT
content-md5
up1eOek6bjtzAJu8vgqgVQ==
age
1405655
x-cache
HIT
content-length
5374
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2019 11:03:24 GMT
server
ECAcc (ama/8A9F)
etag
0x8D6F95CBE780190
content-type
image/svg+xml
x-ms-request-id
571c30bb-201e-00f7-3784-c2187d000000
cache-control
max-age=2592000
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Sun, 23 Oct 2022 13:08:46 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-49658582-1&cid=405422858.1663938526&jid=1941560613&_u=IEBAAEAAAAAAAC~&z=1839724863
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 13:08:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-49658582-1&cid=405422858.1663938526&jid=1941560613&_u=IEBAAEAAAAAAAC~&z=1839724863
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 13:08:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getmultiplelookups
www.cekaja.com/lookups/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/lookups/getmultiplelookups?lookups=getCASAEmploymentType,getProvince
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5788360526a43750e4704339fa05d5a90f2dc60f12c198b3da90bd656960139a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Request-Id
|bc3d57d352474cbf8fb93f680c7a002e.02fae1f445464e2b
X-Requested-With
XMLHttpRequest
traceparent
00-bc3d57d352474cbf8fb93f680c7a002e-02fae1f445464e2b-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer
https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
TCP_MISS
vary
*
content-length
1020
x-xss-protection
1; mode=block
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:46 GMT
x-azure-ref
0368tYwAAAADovEUGOk4lRYmKB5GblgaOQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-generator
Orchard
access-control-expose-headers
Request-Context
cache-control
public, max-age=1200
etag
4dc1259c0a3542edb0c92c0a0d9b00de
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1812897527&t=event&_s=2&dl=https%3A%2F%2Fwww.cekaja.com%2Fwizard%2Ftabungan%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DDanamon_CASA_23_09_2022&ul=en-us&de=UTF-8&dt=Tabungan%20Terbaik%20Wizard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CASA&ea=compare_wizard&el=launched%3A%20true&ev=5&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=405422858.1663938526&tid=UA-49658582-1&_gid=136538449.1663938526&z=1231761336
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/wizard/tabungan?utm_source=email&utm_medium=email&utm_campaign=Danamon_CASA_23_09_2022
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 03:40:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34114
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		96 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7514dca7db5acaa70529ce2da81f655533723b5e68c41259f660607b48b90082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cekaja.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
07855265-7433-4D97-AE41-EA9E822707F5
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 23 Sep 2022 13:08:46 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.cekaja.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 23 Sep 2022 13:08:46 GMT
x-content-type-options
nosniff
truncated
/ 		186 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ceb0d15b271246f4e66f60e80634b6178b3d9d56532518e8d38d90c350258dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
openid-configuration
identity.cekaja.com/.well-known/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.cekaja.com/.well-known/openid-configuration
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.116.153.238 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d384eafb190b5e84cb8d1c899e6bcfdbf71b4afac52d724b2f7f3132db2cda38
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 13:08:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.cekaja.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=2592000
Request-Context
appId=cid-v1:030e512f-8610-4860-ba49-448401526912
silent
www.cekaja.com/account/identity/ Frame B47C
Redirect Chain
  • https://identity.cekaja.com/connect/authorize?client_id=js&redirect_uri=https%3A%2F%2Fwww.cekaja.com%2Faccount%2Fidentity%2Fsilent&response_type=code&scope=openid%20profile%20web_api&state=adb62458...
  • https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg
720 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/bundles/scripts/standardwizardscript
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d8d210b24fc4b7045bcada346187be3bb004230a92322cc5bd5d3b173dfebb40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cekaja.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
498
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 13:08:48 GMT
expires
-1
pragma
no-cache
request-context
appId=cid-v1:2d2c5381-9d6c-4a6b-bdf4-843e6e66e14d
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-azure-ref
04a8tYwAAAAA4Gjo2NLXATZbXJB3eBI9jQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
x-cache
PRIVATE_NOSTORE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generator
Orchard
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, max-age=0
Content-Length
0
Date
Fri, 23 Sep 2022 13:08:48 GMT
Location
https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg#_=_
Pragma
no-cache
Request-Context
appId=cid-v1:030e512f-8610-4860-ba49-448401526912
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
X-Powered-By
ASP.NET
oidc-client.rsa256.slim.min.js
www.cekaja.com/Themes/C88PortalTheme/Scripts/oidc/ Frame B47C 		800 KB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cekaja.com/Themes/C88PortalTheme/Scripts/oidc/oidc-client.rsa256.slim.min.js
Requested by
Host: www.cekaja.com
URL: https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
89738c4b04ddb1248b243a4e1d8c6d2107ecfe6f8c514d25684814823f8ba9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cekaja.com/account/identity/silent?error=login_required&state=adb624588b4e4af9ba53f432ca4668a8&session_state=dT1tfq5ERhSyrMAP9tKfer53rxqQiMAiHVydmx0JJdM.bXbYqr1rh3Vq9_QZ6nR8Xg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-cache
TCP_HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 26 Jul 2022 14:10:56 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 13:08:48 GMT
x-azure-ref
04a8tYwAAAADXeD8HA0mQTr26tsSMeSvyQU1TMDRFREdFMTgxOQA5YzJlNDEyOC03OWI0LTQ1MDAtYjdjZC0wNTJiY2RhMDE2OGQ=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
etag
"018d485f9a0d81:0"
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| appInsights string| Portal_URL object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Oidc object| event_transition function| $ function| jQuery object| Cookies object| ko object| lazySizes object| e function| n object| Microsoft function| Globalize function| isJSON function| clog function| initNamespace object| C88Wizard object| _targetForm string| _localKey

11 Cookies

Domain/Path Name / Value
.www.cekaja.com/ Name: TiPMix
Value: 95.53061352368765
.www.cekaja.com/ Name: x-ms-routing-name
Value: self
.cekaja.com/ Name: _ga
Value: GA1.2.405422858.1663938526
.cekaja.com/ Name: _gid
Value: GA1.2.136538449.1663938526
.cekaja.com/ Name: _gat
Value: 1
.cekaja.com/ Name: _fbp
Value: fb.1.1663938526321.269038632
www.cekaja.com/ Name: ai_user
Value: iJ+jUKM5nX/MoiV+d49StK|2022-09-23T13:08:46.394Z
.cekaja.com/ Name: UTM
Value: {"utm_source":"email","utm_medium":"email","utm_term":null,"utm_content":null,"utm_campaign":"danamon_casa_23_09_2022"}
www.cekaja.com/ Name: ai_session
Value: qNdIfxSSV7NPz7b+auDQ3M|1663938527097|1663938527097
.identity.cekaja.com/ Name: ARRAffinity
Value: e99685487686b4adc5b7ebafdbd54dfe4c4f0f727c87891fd318d83bde8638b8
.identity.cekaja.com/ Name: ARRAffinitySameSite
Value: e99685487686b4adc5b7ebafdbd54dfe4c4f0f727c87891fd318d83bde8638b8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-vz-main.cekaja.com
connect.facebook.net
dc.services.visualstudio.com
identity.cekaja.com
js.monitor.azure.com
newsletter.cekaja.com
stats.g.doubleclick.net
www.cekaja.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
13.69.106.208
137.116.153.238
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:46::44
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:400c:c06::9d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
3.214.171.83
0b50449b915c876d0fa16b58ca8ab18c30070082ec8b9899f8b9e0436e30d8cc
165be9666f976f6e009e6c707663d6db97a1664b579afba2920deee6edb6812c
2e531548aed7e8a11410ce8a072eb62a8abf6d78723b4136304ea73012b10991
5788360526a43750e4704339fa05d5a90f2dc60f12c198b3da90bd656960139a
5ffb1d62fac1fcfab4e4db7c8d27d249a450b352fd0c06fefed2aa7014cafe27
65bbaa03a775e6fde0cff077a89d36c781392c229420564b3c57adf47904821d
7514dca7db5acaa70529ce2da81f655533723b5e68c41259f660607b48b90082
7a968abb89bd9eadfe5f6d928bde336f3b23a04176b3ca214fe28afc3bec0138
7f3b95b9186089503cc16f8408a149f0013c644d419071f9c7cdd50a373b2ba1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89738c4b04ddb1248b243a4e1d8c6d2107ecfe6f8c514d25684814823f8ba9dd
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8382d233b285e3ed830e739cc1e5b78eeb551c96dd246cbe4faa6bc0b431ad7
ceb0d15b271246f4e66f60e80634b6178b3d9d56532518e8d38d90c350258dc4
d0b6653128ad20e90b1bf6c49217a4730919307da8b1fdb75a4c0813a6a30d5d
d384eafb190b5e84cb8d1c899e6bcfdbf71b4afac52d724b2f7f3132db2cda38
d8d210b24fc4b7045bcada346187be3bb004230a92322cc5bd5d3b173dfebb40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e44b17f2ae7daf2c007a333268c0061dee098213100215faf581702f7b3dd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffbe3b51b81ac85033b799ded5cea6642424a391b2a66d1a3b69de31ecdf527c