urlscan.io logo urlscan.io
SecurityTrails logo

ald.my.id Open in urlscan Pro
198.252.106.147  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ald7verify.blogspot.com/
Effective URL: https://ald.my.id/
Submission: On July 03 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 33 HTTP transactions. The main IP is 198.252.106.147, located in Los Angeles, United States and belongs to HAWKHOST, CA. The main domain is ald.my.id.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.
This is the only time ald.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    142.250.66.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f1.1e100.net
ald7verify.blogspot.com
5    198.252.106.147 (Los Angeles, United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.106.147-static.reverse.arandomserver.com
ald.my.id
2    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.66.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f1.1e100.net
blogger.googleusercontent.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.20.18.71 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
1    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net
s4.histats.com
4    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.221.74 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
ajax.googleapis.com
1    141.101.120.10 (None, )

ASN- ()
e.dtscout.com
3    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
fundingchoicesmessages.google.com
1    18.67.110.7 (None, )

ASN- ()
get.s-onetag.com
1    104.18.34.83 (None, )

ASN- ()
cdn.tynt.com
2    18.67.110.109 (None, )

ASN- ()
onetag-geo.s-onetag.com
1    108.158.20.29 (None, )

ASN- ()
data-beacons.s-onetag.com
Apex Domain
Subdomains		 Transfer
5 ald.my.id
ald.my.id
12 KB
4 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
data-beacons.s-onetag.com
11 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
73 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 10359
s4.histats.com — Cisco Umbrella Rank: 10281
5 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10044
44 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
196 KB
1 tynt.com
cdn.tynt.com
ic.tynt.com Failed
de.tynt.com Failed
6 KB
1 dtscout.com
e.dtscout.com
t.dtscout.com Failed
3 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469
30 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 16038
714 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
28 KB
1 blogspot.com
ald7verify.blogspot.com
11 KB
0 lijit.com Failed
ap.lijit.com Failed
0 sharethis.com Failed
pd.sharethis.com Failed
33 16
Domain Requested by
5 ald.my.id 1 redirects ald7verify.blogspot.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 onetag-geo.s-onetag.com get.s-onetag.com
2 blogger.googleusercontent.com ald.my.id
2 pagead2.googlesyndication.com ald.my.id
pagead2.googlesyndication.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 cdn.tynt.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 ajax.googleapis.com ald7verify.blogspot.com
1 s4.histats.com s10.histats.com
1 cdn.jsdelivr.net ald.my.id
1 cdn.rawgit.com 1 redirects
1 s10.histats.com ald.my.id
1 cdnjs.cloudflare.com ald.my.id
1 ald7verify.blogspot.com
0 de.tynt.com Failed cdn.tynt.com
0 ap.lijit.com Failed get.s-onetag.com
0 ic.tynt.com Failed ald.my.id
0 pd.sharethis.com Failed e.dtscout.com
0 t.dtscout.com Failed e.dtscout.com
33 22

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
ald.my.id
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
s10.histats.com
E5		 2024-06-09 -
2024-09-07		 3 months crt.sh
histats.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
dtscout.com
GTS CA 1P5		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh

This page contains 6 frames:

Primary Page: https://ald.my.id/
Frame ID: F59A919946A324386E64903B7B1F033A
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html
Frame ID: 4559FC5151CD272F315EDE9982D46E51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&abgtt=3&lmt=1719965222&format=300x250&url=https%3A%2F%2Fald.my.id%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222008&bpp=3&bdt=259&idt=342&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4699216085441&frm=20&pv=2&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: FE7ABD6281FBD6B1DB89C4B5D53C65DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&abgtt=3&lmt=1719965222&format=300x250&url=https%3A%2F%2Fald.my.id%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222011&bpp=1&bdt=262&idt=374&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&correlator=4699216085441&frm=20&pv=1&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=525&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=380
Frame ID: A21AEB7E9C368970AC8052CD516F6256
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719965222&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fald.my.id%2F&pra=7&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5&aiixl=30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222012&bpp=3&bdt=262&idt=385&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4699216085441&frm=20&pv=1&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=389
Frame ID: 4BC4F4833D8DEC68398740AF72F58731
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D00171996522319D6810BC4FD0C3BB0
Frame ID: 4186CF63A441FF58993F5F595DC79B31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ald Verify ...

Page URL History Show full URLs

  1. http://ald7verify.blogspot.com/ HTTP 307
    https://ald7verify.blogspot.com/ Page URL
  2. https://ald.my.id/?arsae=https%3A%2F%2Fald7verify.blogspot.com%2F&arsae_ref= HTTP 302
    https://ald.my.id/ Page URL
  3. https://ald.my.id/ Page URL
  4. https://ald.my.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

33
Requests

79 %
HTTPS

0 %
IPv6

16
Domains

22
Subdomains

17
IPs

4
Countries

422 kB
Transfer

1189 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ald7verify.blogspot.com/ HTTP 307
    https://ald7verify.blogspot.com/ Page URL
  2. https://ald.my.id/?arsae=https%3A%2F%2Fald7verify.blogspot.com%2F&arsae_ref= HTTP 302
    https://ald.my.id/ Page URL
  3. https://ald.my.id/ Page URL
  4. https://ald.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ald7verify.blogspot.com/ HTTP 307
  • https://ald7verify.blogspot.com/
Request Chain 1
  • https://ald.my.id/?arsae=https%3A%2F%2Fald7verify.blogspot.com%2F&arsae_ref= HTTP 302
  • https://ald.my.id/
Request Chain 10
  • https://cdn.rawgit.com/igniel/blogger/master/iglo/v2.js HTTP 301
  • https://cdn.jsdelivr.net/gh/igniel/blogger@master/iglo/v2.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ald7verify.blogspot.com/
Redirect Chain
  • http://ald7verify.blogspot.com/
  • https://ald7verify.blogspot.com/
50 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ald7verify.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
10825
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 00:06:58 GMT
etag
W/"4ec0e4cdb3f033f1a02f9410545a5a1ef224a7aa4ba014cdd860b4c73e02bfd0"
expires
Wed, 03 Jul 2024 00:06:58 GMT
last-modified
Mon, 27 May 2024 10:06:06 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://ald7verify.blogspot.com/
Non-Authoritative-Reason
HttpsUpgrades
/
ald.my.id/
Redirect Chain
  • https://ald.my.id/?arsae=https%3A%2F%2Fald7verify.blogspot.com%2F&arsae_ref=
  • https://ald.my.id/
219 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ald.my.id/
Requested by
Host: ald7verify.blogspot.com
URL: https://ald7verify.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.106.147 Los Angeles, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.106.147-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
6278b778324719e367c0750110781b6743351b33b4d0838ee4f82c2d7efd00ab

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald7verify.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
131
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 00:06:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 00:06:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://ald.my.id
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.4.33
favicon.ico
ald.my.id/ 		796 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ald.my.id/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.106.147 Los Angeles, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.106.147-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 00:06:59 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
796
content-type
text/html
/
ald.my.id/ 		222 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ald.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.106.147 Los Angeles, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.106.147-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
7aa28ef8ec612938c2bcca609f21ac3e3c6e114d14835cc225af4cf2c5681f55

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
132
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 00:07:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
Primary Request /
ald.my.id/ 		50 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ald.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.106.147 Los Angeles, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.106.147-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
69365d5f6f6d88b0f03911a6c7170dddb08d0c102620d18e4436e232fa6c0d43

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 00:07:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
a617f87f40a0c8019f056c2fc35f7cad19ed751a82d307374604fd170960794a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53227
x-xss-protection
0
server
cafe
etag
1175496350190707024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 03 Jul 2024 00:07:01 GMT
motor%20insurance%20quote.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV2mufCwic-NGC9wpgCnQ_tNbFA-l8rrqbieFyIxc-hwTYbS3a1TQOLU60Y3imqy1yV2Ra0mLvkxr0mtirFQzRdl8HUIFGwZeHbN-1ZYAFW0XPgAB4Joue2DmmjAJHamVEq0bhi80fVeW8ke7p... 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV2mufCwic-NGC9wpgCnQ_tNbFA-l8rrqbieFyIxc-hwTYbS3a1TQOLU60Y3imqy1yV2Ra0mLvkxr0mtirFQzRdl8HUIFGwZeHbN-1ZYAFW0XPgAB4Joue2DmmjAJHamVEq0bhi80fVeW8ke7prIDNkNsCHk_8H_jfvg2VB1AGMJndzaxuFOSC_HidiCg3/s1600/motor%20insurance%20quote.jpg
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f1.1e100.net
Software
fife /
Resource Hash
7c2894035a97e01d6b6bbea2528887d30e1766e50b0a22cdd10f68131e924cfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
x-content-type-options
nosniff
server
fife
etag
"v472"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="motor insurance quote.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29882
x-xss-protection
0
expires
Thu, 04 Jul 2024 00:07:03 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Origin
https://ald.my.id
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1049119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCafY5j0O1KvYN2DVKCARt%2FBW4iNdPEfimWn2iWOTaTQFTiWLpQPy0EkgSoobCeOqWS2ZaT8exKkqlzozpgREgbIVxjBwZ8Z8zjIBGs2usIG6Borkk%2FpChSL3rnA%2BDMDz7gC1k0j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89d2a20c08c95727-SYD
expires
Mon, 23 Jun 2025 00:07:01 GMT
truncated
/ 		362 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Best%20Auto%20Insurance.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTZef2smB-4WzKsOkrjN080E4YRXcWmVbIq6jcTxUMgr56k-eUFqy-Jm7D6EXXqB1WQfk-XifK51XMT1BsWcREtTRxd8-6dGx6m_nWYjXwYtdWuSM5xKwP0FgJhf4pxe8oEKqIizH5_bYtcQc3... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTZef2smB-4WzKsOkrjN080E4YRXcWmVbIq6jcTxUMgr56k-eUFqy-Jm7D6EXXqB1WQfk-XifK51XMT1BsWcREtTRxd8-6dGx6m_nWYjXwYtdWuSM5xKwP0FgJhf4pxe8oEKqIizH5_bYtcQc3HUz44jaH9QX0JyjQKcO_NqOZwd1QZx9dzpk_d77Uaw/s300/Best%20Auto%20Insurance.png
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f1.1e100.net
Software
fife /
Resource Hash
0f7e0cfb6d530c55022148ddcdb56488b7555c33ba634aace1248a64aeefc917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v2a8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Best Auto Insurance.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14864
x-xss-protection
0
expires
Thu, 04 Jul 2024 00:07:02 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.18.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
7168
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
89d2a20cbad0aaea-SYD
content-length
4547
v2.js
cdn.jsdelivr.net/gh/igniel/blogger@master/iglo/
Redirect Chain
  • https://cdn.rawgit.com/igniel/blogger/master/iglo/v2.js
  • https://cdn.jsdelivr.net/gh/igniel/blogger@master/iglo/v2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/igniel/blogger@master/iglo/v2.js
Requested by
Host: ald.my.id
URL: https://ald.my.id/
Protocol
H2
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfac6379159622c5669df9729c10cd6a801886ad458533283d9e19ba84107ebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jul 2024 00:07:02 GMT
x-content-type-options
nosniff
content-encoding
br
age
2838
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1859
x-served-by
cache-fra-eddf8230107-FRA, cache-syd10126-SYD
x-jsd-version-type
branch
etag
W/"1057-NqqERqSFe0flT912NfuehVLlGkw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Wed, 03 Jul 2024 00:07:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1151
age
67045
x-cache
MISS, HIT
cdn-cachedat
07/03/2024 00:07:02
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
94
x-served-by
cache-fra-etou8220086-FRA, cache-chi-kigq8000045-CHI
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/igniel/blogger@master/iglo/v2.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
ca49e674e5dc4364c3a007e2bf6aa318
timing-allow-origin
*
cdn-requestcountrycode
AU
cdn-status
301
cdn-requestpullsuccess
True
0.php
s4.histats.com/stats/ 		380 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4785196&@f16&@g1&@h1&@i1&@j1719965221890&@k0&@l1&@mAld%20Verify%20...&@n0&@ohttps%3A%2F%2Fald.my.id%2F&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-177638463&@b3:1719965222&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fald.my.id%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5000868.ip-142-4-219.net
Software
/
Resource Hash
f5ee653f2f00f3635eb6e9f8a06e14f3e1d7eae5d3f764ea040f620e469d3f9c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 00:07:02 GMT
Connection
close
Content-Length
380
Content-Type
text/html;charset=UTF-8
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
6074fe16b152b8c4462ace1f5815c76f88a327a1a843206d41fe1d194a0f81fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146933
x-xss-protection
0
server
cafe
etag
17134143259860479516
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jul 2024 00:07:02 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240626/r20110914/ Frame 4559 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
48143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 10:44:39 GMT
etag
9187630395144177108
expires
Tue, 16 Jul 2024 10:44:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FE7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&abgtt=3&lmt=1719965222&format=300x250&url=https%3A%2F%2Fald.my.id%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222008&bpp=3&bdt=259&idt=342&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4699216085441&frm=20&pv=2&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38753
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 00:07:02 GMT
expires
Wed, 03 Jul 2024 00:07:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A21A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&abgtt=3&lmt=1719965222&format=300x250&url=https%3A%2F%2Fald.my.id%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222011&bpp=1&bdt=262&idt=374&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&correlator=4699216085441&frm=20&pv=1&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=525&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=380
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41984
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 00:07:02 GMT
expires
Wed, 03 Jul 2024 00:07:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4BC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719965222&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fald.my.id%2F&pra=7&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5&aiixl=30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719965222012&bpp=3&bdt=262&idt=385&shv=r20240626&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4699216085441&frm=20&pv=1&ga_vid=702820373.1719965222&ga_sid=1719965222&ga_hid=4003296&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795922%2C95329722%2C95331696%2C95334508%2C95334524%2C95334564%2C95334572%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3733743954976216&tmod=1043767055&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fald.my.id%2F&fc=896&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://ald.my.id/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1184
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 00:07:02 GMT
expires
Wed, 03 Jul 2024 00:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ald7verify.blogspot.com
URL: https://ald7verify.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 10:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 10:09:38 GMT
/
e.dtscout.com/e/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fald.my.id%2F&j=https%3A%2F%2Fald.my.id%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4785196&@f16&@g1&@h1&@i1&@j1719965221890&@k0&@l1&@mAld%20Verify%20...&@n0&@ohttps%3A%2F%2Fald.my.id%2F&@q0&@r0&@s0&@ten-AU&@u1600&@b1:-177638463&@b3:1719965222&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fald.my.id%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9cb1e0de8ea23f4ce6bd6008efebca1c0eef066f3ccf48d9f50a99e757eefc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
x-t
0.271
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fg961sEM1xx5bAjK08Vfh1Q906HY6iRrCszL2vrL%2B54CrE7n7iWUBClrJ4J0KZlsGCmbKWfDWVoz2OrCKyiM5eUuFtJM6Clofos5OF8hZHx5zq1hfO3k5UkNvMO5xE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl1
cf-ray
89d2a2129faf6a72-SYD
expires
Wed, 03 Jul 2024 00:07:02 GMT
ca-pub-2542884292174911
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2542884292174911?href=https%3A%2F%2Fald.my.id&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
7c74d27cc8d00bdda708055501071adc0cd50988762cbecceee6ae73b52f0a82
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ch49XNloiTblQKLtbvhqjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ch49XNloiTblQKLtbvhqjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmWL5m0hY2gRtTrwoqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGxjqGZjHFxgAAKAjOQo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWG_xJ0P9RkZRh99WGeXYI24MquJu6O37nKNEFDmdq_EdzWunccglsZCCUIdFBkiSnVY4T2VQwUb5omIqCeQebxbkGE2_SVV0feK0RZCX20CCwf6ece_1W_25vBTT6FANI4LNw7FQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWG_xJ0P9RkZRh99WGeXYI24MquJu6O37nKNEFDmdq_EdzWunccglsZCCUIdFBkiSnVY4T2VQwUb5omIqCeQebxbkGE2_SVV0feK0RZCX20CCwf6ece_1W_25vBTT6FANI4LNw7FQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5OTY1MjIzLDMyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbGQubXkuaWQvIixudWxsLFtbOCwiS3B3VzhCVDV4Q0kiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
dc1903161e1688289aaf7590b38691efe45fc9833fdebd14775e2b1a7bfa9b39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7LhfQ0p_9peajfKqju8OCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-7LhfQ0p_9peajfKqju8OCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhWL5m0hY2gQM_vu9jVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAAD6xzoj"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
t.dtscout.com/idg/ Frame 4186 		0
0
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fald.my.id%2F&j=https%3A%2F%2Fald.my.id%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.7 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c8ce49ea0bca4a25c06125706d379cd2786025153ced2d4ddcf7a1a9f8a2972

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Pe6GIZEM6dgqeqUvm6LottgOapPgk7ue
content-encoding
gzip
via
1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
date
Tue, 02 Jul 2024 10:46:47 GMT
last-modified
Tue, 27 Feb 2024 18:38:56 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
48017
x-amz-server-side-encryption
AES256
etag
W/"20ad935553b73dd8a08c669492e0a0a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
VNPcAtVUqhQQ7xQyfyfrfgn7F1noq_FhKpGZwT1ehhi2fYywd284xA==
dtscout
pd.sharethis.com/pd/ 		0
0
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fald.my.id%2F&j=https%3A%2F%2Fald.my.id%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
243824
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89d2a2161e3c54f1-SYD
expires
Sat, 06 Jul 2024 00:07:03 GMT
/
t.dtscout.com/pv/ 		0
0
/
onetag-geo.s-onetag.com/ 		535 B
950 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 05:58:02 GMT
via
1.1 a6b70b5c031397eba9646ba0eedbdb86.cloudfront.net (CloudFront), 1.1 1061288c3b70629c909a1e67ad3bde84.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1, SYD62-P2
age
65341
x-amzn-requestid
97ecef35-3245-45f4-947b-109405a8dd60
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
aRSEnFH0iYcER4Q=
content-length
535
x-amz-cf-id
Qd5Us2ZjfgLjreVUXtfJhBIp6y4xwalUbVUwFqtKIR0S0l5I_UC9VA==
/
onetag-geo.s-onetag.com/ 		535 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 05:58:02 GMT
via
1.1 a6b70b5c031397eba9646ba0eedbdb86.cloudfront.net (CloudFront), 1.1 1061288c3b70629c909a1e67ad3bde84.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1, SYD62-P2
age
65341
x-amzn-requestid
97ecef35-3245-45f4-947b-109405a8dd60
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
aRSEnFH0iYcER4Q=
content-length
535
x-amz-cf-id
Qd5Us2ZjfgLjreVUXtfJhBIp6y4xwalUbVUwFqtKIR0S0l5I_UC9VA==
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.29 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e163818928211f02c67e6e681d6eaa2836d0b76bf6f7d788d2ac8b3559006cd1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qPB_DsY9PcNoqTcQmlYVavIgcqbEMkpN
content-encoding
gzip
via
1.1 ece2a231e09716eb97b51099bf5928fe.cloudfront.net (CloudFront)
date
Tue, 02 Jul 2024 23:33:19 GMT
last-modified
Mon, 26 Feb 2024 21:11:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
age
2025
etag
W/"55d68040e85314adc43d0fc5d17f0b10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
hevlae7eZgnsOb700ROQJ8ojawyb8LG5ZaHCTfs_9rSxn6x23ro-_A==
p
ic.tynt.com/b/ 		0
0
AGSKWxUKaAg3F7AdpRJ6YAaZuOodZPEflmaa0AWqKluTAYY__35i7dMpA8eschpDMDOxJxawGL4q6TczWgUZ8HbQCv7FdTbwrxrOY5a2jQP4zIgCN-0x-nc6YdfCA5d5-W4kUiznSJ5Q6g==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUKaAg3F7AdpRJ6YAaZuOodZPEflmaa0AWqKluTAYY__35i7dMpA8eschpDMDOxJxawGL4q6TczWgUZ8HbQCv7FdTbwrxrOY5a2jQP4zIgCN-0x-nc6YdfCA5d5-W4kUiznSJ5Q6g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5OTY1MjIzLDQ1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYWxkLm15LmlkLyIsbnVsbCxbWzgsIktwd1c4QlQ1eENJIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMxPhv_KcZsq0hM9qsuIgnukbk96Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
cd997e3b1d5ff9142a2079de53413049c566d9967ee7286a4912724a91ae8c36
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ry_vT9KQnbFfrAJNoEwE_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ald.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 00:07:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ry_vT9KQnbFfrAJNoEwE_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0A4iURF1kPJF5kPfj4IutJIBbi4Vi-ZtIWNoGGeX--MyppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgbGOoZmMcXGAAAljk-2g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2
ap.lijit.com/readerinfo/ 		0
0
v2
de.tynt.com/deb/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.dtscout.com
URL
https://t.dtscout.com/idg/?su=6D00171996522319D6810BC4FD0C3BB0
Domain
pd.sharethis.com
URL
https://pd.sharethis.com/pd/dtscout
Domain
t.dtscout.com
URL
https://t.dtscout.com/pv/?_a=v&_h=ald.my.id&_ss=4s3pjjfsag&_pv=1&_ls=0&_u1=1&_u3=1&_cc=au&_pl=d&_cbid=1kgm&_cb=_dtspv.c
Domain
ic.tynt.com
URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1719965223439&dn=AFWU&iso=0&pu=https%3A%2F%2Fald.my.id%2F&r=https%3A%2F%2Fald.my.id%2F&t=Ald%20Verify%20...&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.126%2C%20Google%20Chrome%3Bv%3D126.0.6478.126&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126
Domain
ap.lijit.com
URL
https://ap.lijit.com/readerinfo/v2
Domain
de.tynt.com
URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.126%2C%20Google%20Chrome%3Bv%3D126.0.6478.126&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126&r=https%3A%2F%2Fald.my.id%2F&pu=https%3A%2F%2Fald.my.id%2F

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 undefined| event object| fence object| sharedStorage string| ars object| adsbygoogle function| $ function| jQuery object| _Hasync object| config object| _0x6c73 function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _0x273d object| rain object| _HistatsCounterGraphics_0_setValues object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MWIzY2JlNTg5OGY2ZmJlNmxvYWRlcl9qcw== string| MWIzY2JlNTg5OGY2ZmJlNmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| a object| cv object| Tynt object| _dtspv

15 Cookies

Domain/Path Name / Value
ald.my.id/ Name: PHPSESSID
Value: 7b7ce7d4de683bf63fbe1011738af8d7
ald.my.id/ Name: HstCfa4785196
Value: 1719965221890
ald.my.id/ Name: HstCla4785196
Value: 1719965221890
ald.my.id/ Name: HstCmu4785196
Value: 1719965221890
ald.my.id/ Name: HstPn4785196
Value: 1
ald.my.id/ Name: HstPt4785196
Value: 1
ald.my.id/ Name: HstCnv4785196
Value: 1
ald.my.id/ Name: HstCns4785196
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlcEiSBhoCmm7kf00pJSDXvCN0lHWxawGRRrvdkcfKof9BtvglSy-ReQDmfrs4
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1719965223
.dtscout.com/ Name: l
Value: 6D00171996522319D6810BC4FD0C3BB0

1 Console Messages

Source Level URL
Text
network error URL: https://ald.my.id/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ald.my.id
ald7verify.blogspot.com
ap.lijit.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cdn.rawgit.com
cdn.tynt.com
cdnjs.cloudflare.com
data-beacons.s-onetag.com
de.tynt.com
e.dtscout.com
fundingchoicesmessages.google.com
get.s-onetag.com
googleads.g.doubleclick.net
ic.tynt.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pd.sharethis.com
s10.histats.com
s4.histats.com
t.dtscout.com
ap.lijit.com
de.tynt.com
ic.tynt.com
pd.sharethis.com
t.dtscout.com
103.180.114.1
104.17.25.14
104.18.34.83
104.20.18.71
108.158.20.29
141.101.120.10
142.250.204.14
142.250.204.2
142.250.66.193
142.250.66.225
142.251.221.74
142.4.219.198
151.101.129.229
172.217.167.98
18.67.110.109
18.67.110.7
198.252.106.147
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
0f7e0cfb6d530c55022148ddcdb56488b7555c33ba634aace1248a64aeefc917
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
6074fe16b152b8c4462ace1f5815c76f88a327a1a843206d41fe1d194a0f81fa
6278b778324719e367c0750110781b6743351b33b4d0838ee4f82c2d7efd00ab
69365d5f6f6d88b0f03911a6c7170dddb08d0c102620d18e4436e232fa6c0d43
7aa28ef8ec612938c2bcca609f21ac3e3c6e114d14835cc225af4cf2c5681f55
7c2894035a97e01d6b6bbea2528887d30e1766e50b0a22cdd10f68131e924cfd
7c74d27cc8d00bdda708055501071adc0cd50988762cbecceee6ae73b52f0a82
8c8ce49ea0bca4a25c06125706d379cd2786025153ced2d4ddcf7a1a9f8a2972
a617f87f40a0c8019f056c2fc35f7cad19ed751a82d307374604fd170960794a
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
cd997e3b1d5ff9142a2079de53413049c566d9967ee7286a4912724a91ae8c36
cfac6379159622c5669df9729c10cd6a801886ad458533283d9e19ba84107ebe
dc1903161e1688289aaf7590b38691efe45fc9833fdebd14775e2b1a7bfa9b39
dc9cb1e0de8ea23f4ce6bd6008efebca1c0eef066f3ccf48d9f50a99e757eefc
e163818928211f02c67e6e681d6eaa2836d0b76bf6f7d788d2ac8b3559006cd1
f5ee653f2f00f3635eb6e9f8a06e14f3e1d7eae5d3f764ea040f620e469d3f9c