URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Submission: On November 23 via api from GB — Scanned from GB

Summary

This website contacted 26 IPs in 4 countries across 24 domains to perform 176 HTTP transactions. The main IP is 103.49.188.59, located in Indonesia and belongs to IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID. The main domain is mediacyber.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 24th 2021. Valid for: 3 months.
This is the only time mediacyber.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 103.49.188.59 63867 (IDNIC-DES...)
11 192.0.77.37 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
11 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
24 2a03:2880:f11... 32934 (FACEBOOK)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
22 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 14 142.250.186.98 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.173.22 29990 (ASN-APPNEX)
1 2620:116:800d... 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 3 35.227.252.103 15169 (GOOGLE)
3 3 198.47.127.19 3257 (GTT-BACKB...)
2 2 69.173.144.138 26667 (RUBICONPR...)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 1 52.89.234.250 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
176 26
Domain Requested by
24 www.facebook.com mediacyber.id
www.facebook.com
22 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
20 mediacyber.id mediacyber.id
c0.wp.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
mediacyber.id
16 pagead2.googlesyndication.com mediacyber.id
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
11 c0.wp.com mediacyber.id
6 i0.wp.com mediacyber.id
c0.wp.com
5 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 i1.wp.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 ad4m.at googleads.g.doubleclick.net
ad4m.at
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.co.uk pagead2.googlesyndication.com
3 image6.pubmatic.com 3 redirects
3 rtb.openx.net 3 redirects
3 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 pixel.rubiconproject.com 2 redirects
2 www.googletagmanager.com mediacyber.id
www.googletagmanager.com
2 fonts.googleapis.com mediacyber.id
tpc.googlesyndication.com
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 assets.ad4m.at as.ad4m.at
1 i2.wp.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 pixel.wp.com mediacyber.id
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.wp.com mediacyber.id
176 34

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
pinterest.com
api.whatsapp.com
i0.wp.com
www.advintel.io

Subject | Issuer | Validity | Valid
mediacyber.id | cPanel, Inc. Certification Authority | 2021-10-24 - 2022-01-22 | 3 months
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-01 - 2021-11-30 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.co.uk | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year
*.mookie1.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-22 - 2022-03-25 | a year
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
*.innovid.com | RapidSSL RSA CA 2018 | 2020-02-07 - 2022-04-07 | 2 years

This page contains 23 frames:

Primary Page: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Frame ID: 8B47326584EE427739600D781FA8B8D9
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 5F2719B249109FA607D42186D459C035
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: 454A0DCAEB8891BB6681CCC20707282D
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&adk=1812271804&adf=3025194257&lmt=1637648062&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062114&bpp=27&bdt=2687&idt=293&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6853722120038&frm=20&pv=2&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 4267BCE713E4C32A388B425D037D45A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=2863071536&adf=3526151506&pi=t.aa~a.2135245809~i.19~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1637648062&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3994875284&psa=0&ad_type=text_image&format=696x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=2&bdt=3237&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0&nras=2&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lbLomx4oot&p=https%3A//mediacyber.id&dtd=22
Frame ID: 752FF1295364B762B82855DBBC9EA1E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=2863071536&adf=2104961071&pi=t.aa~a.2135245809~i.27~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1637648062&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3994875284&psa=0&ad_type=text_image&format=696x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280&nras=3&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=o1upSmefLw&p=https%3A//mediacyber.id&dtd=53
Frame ID: 63675CFDF2FB193F1F7201A0095E5E4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Frame ID: 72A6DE39B7AAA357F51B59240E8F99AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=1200x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062669&bpp=1&bdt=3242&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=4585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=9PR1pIlmLj&p=https%3A//mediacyber.id&dtd=280
Frame ID: 8607013933A3934F0F3632D8FA8BEC4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Frame ID: 2548859D9D2A41004849AE8320B5318F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbL8LD_vwCFcCY3n3P3En2KeK4T1ft6lZ8ool5HHbFGOqj8IgwziwnnMLdqMQiP3ZId1HcEm7oNHASR6FGB1Cs6vqdzfWWOC6cmEqrFAkqGgZauGF07WxPaICa7XlS3ye0lJb__Vk3gc2VakTeaiJ620OwAg&cry=1&dbm_d=AKAmf-D4ABh5n4X2jaUsJS7aPBnvcQqg60bkM-OqXZ50UYYVwifUkkdD1_hYxTPQ-XT9F4W4xBfCxMbUOtgByIPGJRebRSY8Bacqq4kWds8dZak0oST-K5J-ODxTSzJeCWl7Kd-IoDDsrTmZvmuZid-FzTNtuKVxlXuNifBbIvqzAcq8gCnUrIpXKNIO5pqZhLCwtmpwYXEJFy6QyOiy3z2uTkpb8qIY3ta0RSySHmBGP0d_350W8R0GFSlY5P8Dsrf2-t0eUtnjXRiW-T36uxE__PfCsasgtUMtTYyJPw_wb7Sp6vFN_jcmRSpA5NJdB67m-k5K3dcCng5pcWCb0ntfPpSx99Dp8zCRPrQLolx53_6IA4Oo_-lGjRik8BPxrdjpigX-obYbjnzvLq4_mMzsRxqiWOG5gAyKW4Y6nhtjiJ7BQu-r_svsVKCBwnvormgcgTVdHOW_LwEnN_--bSNL47e1qB-nmCy8fDxZVZeUul6KWhKOY_NII_5DGtDWlvWqeWwnSOY50RykRNoCFo_eW8JUoLwNrFWsRV3FkI8qhFUiyLRf2TuZ6m_SNc8SwkBn--7Pvmp_6DYHwhJuVd_lN4r24YGYfMYZiCMDua0za88ZKMX-VGUyEcEGkjppj4OVEoXCoTKqWlqDCUoGg3WaJ7WZoejgR23BvVvcIwpY5zIOvlYID_sMaDKwxNu4nSuExNdgD3j2MJo0eivKubE3MSxiYSgpFAxp1EciNKLCMmN0ckvLhPXmvsQDXpqm4A-PxAS2zqX_LRmhx8YshUTL2vFiNHPlarGhNtVEsxB8u3VR4rZNZtTH8jyRMdeFNrqaQmG6HGv4R4bFLF8i7uG_3WSeD7LvXM1QQPf9iVMc9Ft3kXI01NnaLfCtEL6uI_kRnB-wonwXNyCBjEBaa_XkLta6JGgm6WyjnZJbDKklcYZJF9jr0PrbwJIdtFDryUfE1mnvHwCveBlPqFTJLcZ4DKmaWd2wT5mQrVggV1pgZbZA5CvPLlXsfcSF4_bqvgvAJSrRJKhryyU6sA8pRmmYGF1UDumaKFQjqbogJ7UD8W6eypr2GAQYMjztOdZLIBbSWY3IJWjjqmseS_Osc_Y5v5w80euumJ0U93vUHC5ZIa0qhuMT4x1tIxEgqJiN0KRq8LRhOLWocIE3Bd81brfMptosBrPHGwN22rYCLqrpwmoMdOIvqYSbDzBDZemWjOOG9F35vXgWf1JCjee5Tkjf58_xnRaJw6VqAdMpvvWIpmYB5nJ_aXgiswF8JhNLnsh7zD-MJdImsxmxRcPaZMCl22jqYFPXilvQXKAaYvzM7B-pIZp36Iqjilzq0l85C46p30cwgenFVZBA_6ijirWXH7vDBh5ZmkVd75nZEYlXhX9z2kt_7KDrOAN62tWK-YNLQc_q79vZZLsvmrA56LSbeINnF92DHr5m2d3zZh7Nf9kse72ayEpga-IdzD5p3QvokSps1N73uxecCIp4fpOsB3upfifiThxuz9hItvUamyMu9DBrYbkh62irF1IiVMIRBAWY9O_Nbh4IwcMQp8Y-2Zf5CH-5ddiDfLhqOEYdKsOrTz1Bt7pXh1krEhcY84jkFMVoVz8t9JEblMakKAT6dSHhihdJJVCLIbGQNbyr3UmO0RBv5PgA-uNwvDncyPnwG0aHZnJ3h0cbr86H2-TDrc4ZZblP0OXe8vxlrKEFEUGPavd5g6RUwYXpFHOmJjsQ_xmYggo9lvvtNFvMPkYPu9JiIKCFfDOFK3Iro
3cnJrp822ulEHiIZt547RRSBLSPAo2ryb_LkVbyWJKwtR6s2VN_hml966hQYC5z9h2HcJMXspVGBAm-pRysK4Q-Jx8pluYwamVUEH91MZGrIo8DCBN2zduIrS0sQuCmD1ceX8Mf7ha3mX1khnzkBN81SE66oLuM_4_sfJs00VgGazbhxwsbBQQyFJ9NFuaBTD2-tOs3KY0l98rtcHJMs93h0x2tSuSmhBVortm-Yk2brBNzPuzSYo_ocyIrk5GLNxfo7T1RWkpgoEcoaQEm12GBcfuFR7ROedZWW29L9YBhVGEKKZ8XwP6zY2rI0N4aLn3B2yeUHjJ_ANEQWFCE6wwYhOKhGkH-1q1Wz_QVy_JUkBQ25cCz2q04eEXyYICrxN1cewOkeHstvMFxZPiHLnHmZd5VUHg5oHxhQ-8E8JOGI-xX0mJKeyUsWqk9SZ5US8T-snms6Ff1F9zGfOApOhbqRv5UmZyb_nZKum4vsSDE-VpAZKbyhI1p1edV6SyiWcFl_bdZOHnixO5WV9jFc9qN6KoskmuAgV4X3Zj-KFvzsXcuqk5OmdSkzjmXld76dt1DEO1z2xUKr1k3F5Xxgts9hu6d70cGrCi2MXHxsvmKmw-4J6KbfOuAk8OTlzb03qma1QGO7_nqYYBTjrtzGB5od3ocofWKP3Q3BTmfPZES933BNx8-Z9odyi88NH7ZjBdC6Evkj45AdIbbXiDFZij4MbASxHj60CbM_V6tOtLSKxBOVI2skuKDM9tajmsem28u7kH1-jsczVbRTw7u14rMgZ8l28d9FKSpuVecN78AlCMtmO7GfAOAitksbxif_S_WB7OalY_zo0ZBFOo2dNRUTaJg9Pfewyj_exBcS7cmEJBIyoEWx08W7wkvyQZ0Nm0NmN4QWZspZpqpIk3iCLYQy7vXNGLhL19bJEuRepFaEYGocUEAWUIPTpf4o8jifnrMOg5_2wmzb6XnSgKsrG0hbxYJjjk4gugfE_e2UrYcyjDVBazcRtdGOQZTe1jsK4tIlKC3XxdVNdpPWaqWt6Xdpa-V4BpWL2nwciNA-elgmL7kHlDxlEnzaCe6Osfm87xRj0Qd7lZ5pDHi_CJNo5gxT5FQ7CoTwEebo2AC4-5J_JMM3pz5RBzQFi2G6hUFcy_Aoz-GSq7gQwLrj5eElCtxOEBAC7QXQzu7Tyx0YjwFEe36fYb52JA91YnLEfgjJspx5pKaG7jWNk7F4zSc8mQq8y7VpvYPcGUQAc38naaIV7_wSvZJKeHdm8YthfpBnQefUUpolWu6HLq0LCMzyZ5wMy9Q5WlOdw32&cid=CAASEuRogHEgLX6X7-NiX6Lr9tlfdw&rfl=2%2Chttps%253A%252F%252Fmediacyber.id%252F%240
Frame ID: 9D5FE58E2A96FEC83552738208933C4A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF5FD74AC63F0EF28B375DB5FBE3D46A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA4E8B16DC5F707586D96AF9B2F5E8C8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6B134C775922ADF46B48C639CCCA62AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Frame ID: 1633CA3B0E7528F0F57243674F522E51
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Frame ID: AA237D83AA6A78154164BE43A1B59B8F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C6C2EDDB0AA96926DBC828E6AEFF0E85
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B022216BAB646DC20A6A1DA6132B8AE5
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36071&b=dEJtEfeKq6tkZ4hEHztRHEt3QWf3T4T6Baj&f=K19HRfRkQrakWKh5Hrt4HzCYGZt8TATXeCq&c=300&d=250&e=kGHmoxk-U43dQbzqFsFtL4HPw3mTVFyM&g=795ac9e3185f731f604b285ccc076872%2F16192509556157555411&i=27907&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1637648063932&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3DUavoacYfOeK5PFgAe--S7vrbPSZezOxY3UC8CNtwEQASC8m9VjYLu-roPQCqAB3KiQ5QLIAQmpAkhkDSZZ2rI-qAMBqgTxAU_QdMCTZ4TQaNc6YrNssY1iIUZLQ8ozsa43xNalJZ_6GHkgJHI_xsb0j3xIiJGMwPm2oZq9WDE8-JDqKNT9jC43JOfxaLzse1V5UqupDEAcWhQ8vAYTlu0dMvUOwB80MJJBNilUGHlVJbkDsaNnmkakyH4uNq5O94GNYOgUg5SYKbmJZNdihCmLBIYjgJOqezatc-5E9grIAzF3dD6pDuNZpTGMFk7UeVoO0dbNtNpMtAYtTMQP0Q7fDQvbJOqfYX2c-ZGR5g1_I0uAV_j6SrcidyrDeWnJ85rQvJtRpfcDtTUnAuCvwY2NkDdUWBoxDYDABOaq7J6gAuAEA5AGAaAGTYAHjNfvmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE7iSownQEwDYEw3YFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASEuRogHEgLX6X7-NiX6Lr9tlfdw%2526sig%253DAOD64_35zX5HUJe9oBgHT3qaPsVWsAGUQA%2526client%253Dca-pub-7307355418381929%2526dbm_c%253DAKAmf-BE-NLlKANSwe2YMAtZq-SKR4d0kY7afhcEjsXuS7iZre0zvFClzmnTpGjh86APtssg53AHmBRzWWAoC9q7mavWB1KO0Rg5C1ZKNW-LA84NnNYQDjet2rvhG_4GgfPpW7u1bgoI5dCFXEWiGa6hFAqkCg1rDg%2526cry%253D1%2526dbm_d%253DAKAmf-DIZI526grDTS09n1zLJs147HgEzcE3-lRb3udhfr796XQmqO4P5E2KMCWZ2E7ZbxLFpbSz_iArAZofEw2jWHz3qx6yYxwE2t_gAvUdzzOkOTZJzfSK7k4suq3pzD47W3u1GPHXEj5CDbHo1Q1YvJW1LuoRBcq18-ql7AozDBAY5YrUj8xN9rz3aZok7EnBYrqUvM95AJTJtH6HYpYWGTBaMWKA1E5370pRHIyMevobhSv3o1jQyGvlw1xkP9V9FTY_OMLcJ8LsrTa5-G4ix8E97ZYquP_IOxychpUoIOmfUmX2oKaFr4DBt7b4s_rfxUzMoFojfZ3MCO6YnuLASLyowxHzX07nWAENmWC_kBAUKWkz6M4I0YsKbwXXESCIm0anicVd8KHvExCW9-wmglR4tEcPL7AskUPQSAlq4uuJXNmkR7ardpAAKCKfg8GBqDv1DmpAlz4g4-gxsrp5Thcbwg316Ndy5-SrqbJ4mP86sKqnPHJEdEweAUWukdfWqEjPsCPqRXzctw4PJCKh6XTxyUt0Bg%2526adurl%253D&y=1&z=0
Frame ID: 9E95C794861ACE687F6BFD766179A523
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Frame ID: 1A6AB0FEAFDE0FE73EB3C9D74E8F9A23
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EAA39025470CE23D20335B607A826823
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 08E3CA2E51C07AB85422615631DD611C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15A0F36180F002F30F62B245D05CAA4F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 647EB3026F8558D9AEE1A72BA678D7C5
Requests: 1 HTTP requests in this frame

Page Title

Comeback botnet emotet didalangi oleh geng Conti ransomware - Media Cyber

Page Statistics

176 Requests
92 % HTTPS
52 % IPv6
24 Domains
34 Subdomains
26 IPs
4 Countries
2951 kB Transfer
4913 kB Size
22 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
Request Chain 95
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZyGvy2v5OEZrNEtbWqYyAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBpfiWRsPocFb3WZOMmV2VY&google_cver=1
Request Chain 97
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MDU1OTQ2OTkzMDk0NzA4Mw%3D%3D
Request Chain 105
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJdi4F7uy8hal-EiJebAQ4-f5HQR0mhQtNIdYe_FdznPGpU1TtvZg3aUMKi7KYuYm2A5Ue34RpW8MEoEPU_aiNcf3jOa6kRcg&google_gid=CAESEPo5FpCKnMji9atNE8PpUV4&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL-N8owGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKZGk0Rjd1eThoYWwtRWlKZWJBUTQtZjVIUVIwbWhRdE5JZFllX0Zkem5QR3BVMVR0dlpnM2FVTUtpN0tZdVltMkE1VWUzNFJwVzhNRW9FUFVfYWlOY2Yzak9hNmtSY2c HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM20xMHJsck5YM2kwTlk5TDNhYTJ6VEdYMGszdWtmNjVWYUVOc0p2VURPQQ==&google_push
Request Chain 107
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
Request Chain 108
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED5DPRXj2rk6ye8IdYR-NWQ&google_cver=1&google_push=AYg5qPLcxiNbRtT_Sgweo7zD4a4vFyVXJ3TKtd49J9vy5kfiEUnM8OMhA-Q8vX8cQFljOHBXEBsEXOesWum3F7jspWYqcyWBxHjz2g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED5DPRXj2rk6ye8IdYR-NWQ&google_cver=1&google_push=AYg5qPLcxiNbRtT_Sgweo7zD4a4vFyVXJ3TKtd49J9vy5kfiEUnM8OMhA-Q8vX8cQFljOHBXEBsEXOesWum3F7jspWYqcyWBxHjz2g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxiNbRtT_Sgweo7zD4a4vFyVXJ3TKtd49J9vy5kfiEUnM8OMhA-Q8vX8cQFljOHBXEBsEXOesWum3F7jspWYqcyWBxHjz2g
Request Chain 109
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENzk4-dIGr8dAIF0p0jZX-M&google_cver=1&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5pxkb8Mao5w2ny1hhkKLC8Dvby9iQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERINE4tTS0zQ1My&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5pxkb8Mao5w2ny1hhkKLC8Dvby9iQ
Request Chain 110
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_cver=1&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA
Request Chain 157
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 158
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz5D6rQnhJYj4BjhuWpAlrhJ2PsTya3cPeyrIEYXh-9ElNo-TZO1HrC3CpM&google_gid=CAESEBhopyVYiGM7TtIYXo80CSU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp5R3dRQUFCVkN4YmpAZw&google_push=AYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz5D6rQnhJYj4BjhuWpAlrhJ2PsTya3cPeyrIEYXh-9ElNo-TZO1HrC3CpM
Request Chain 160
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
Request Chain 161
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED5DPRXj2rk6ye8IdYR-NWQ&google_cver=1&google_push=AYg5qPL8R0O98038nrD2Z_kK516MQ1ldZelBf-kxPglgCZPQgsOFRty0mPjqHNlzNCGmaqKqaXR0W3OhlS9VOd-2I70pqHVjioTa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL8R0O98038nrD2Z_kK516MQ1ldZelBf-kxPglgCZPQgsOFRty0mPjqHNlzNCGmaqKqaXR0W3OhlS9VOd-2I70pqHVjioTa
Request Chain 162
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENzk4-dIGr8dAIF0p0jZX-M&google_cver=1&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ4KznDyIutCHZ2vxU_ZLpwrffH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERIVlQtMUEtNzBITw==&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ4KznDyIutCHZ2vxU_ZLpwrffH
Request Chain 163
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_cver=1&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAEhFrm_kZ58LKiaSyO2ebjA8KESXTJrzJewY0eH17wG1p3XYnV8gh8vCC8-rKT9T6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAEhFrm_kZ58LKiaSyO2ebjA8KESXTJrzJewY0eH17wG1p3XYnV8gh8vCC8-rKT9T6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAEhFrm_kZ58LKiaSyO2ebjA8KESXTJrzJewY0eH17wG1p3XYnV8gh8vCC8-rKT9T6
Request Chain 166
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
151 KB
151 KB
Document
General
Full URL
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
0f2315edcc40b62b66c9b98beee6da5ea190b8a4792c94f3013a62d54df5f05c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx/1.21.4
Date
Tue, 23 Nov 2021 06:14:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Pingback
https://mediacyber.id/xmlrpc.php
X-LiteSpeed-Tag
764_HTTP.200
Link
<https://mediacyber.id/wp-json/>; rel="https://api.w.org/", <https://mediacyber.id/wp-json/wp/v2/posts/10408>; rel="alternate"; type="application/json", <https://wp.me/pcs5cV-2HS>; rel=shortlink
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/
11 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
wp-automatic.css
mediacyber.id/wp-content/plugins/wp-automatic/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Fri, 21 Sep 2018 09:06:42 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Content-Type
text/css
style.css
mediacyber.id/wp-content/plugins/td-newsletter/
6 KB
6 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/td-newsletter/style.css?ver=11.3.1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
4f9568d3aef0133feef6736a0be7a2bad332429d685a584e1c5b85e5a7fd60c9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 14 Oct 2021 10:26:48 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5831
Content-Type
text/css
style.css
mediacyber.id/wp-content/plugins/td-composer/td-multi-purpose/
36 KB
37 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 14 Oct 2021 10:24:44 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37284
Content-Type
text/css
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7cb333c1d23b4d034bc1f3cc7240773550ca144c57a4e6f706698a5bbd0747d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 04:41:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 06:14:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 06:14:19 GMT
front.min.css
mediacyber.id/wp-content/plugins/cookie-notice/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.8.2
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Tue, 05 Oct 2021 03:33:19 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5480
Content-Type
text/css
style.css
mediacyber.id/wp-content/themes/Newspaper/
146 KB
146 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/themes/Newspaper/style.css?ver=11.3.1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
617885a3b0466844835e70fe3210c2ddeeff7f2d81706e366b5fa74ade330a14

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 14 Oct 2021 08:27:28 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149061
Content-Type
text/css
td_legacy_main.css
mediacyber.id/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
155 KB
155 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
bf77065b0e4b52c6ee71566850b3e6a1ecdfd6331427c5063a1116e347b85203

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 14 Oct 2021 10:24:42 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
158679
Content-Type
text/css
td_standard_pack_main.css
mediacyber.id/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
715 KB
715 KB
Stylesheet
General
Full URL
https://mediacyber.id/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 14 Oct 2021 10:27:02 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
732364
Content-Type
text/css
jetpack.css
c0.wp.com/p/jetpack/10.3/css/
85 KB
16 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/10.3/css/jetpack.css
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
related-posts.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/related-posts/
6 KB
2 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/related-posts/related-posts.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2256c9e5605323f852f232fd6819a02cf2cac3e04c84299e19efe83037fd8cda
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 16:47:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
jquery.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:19 GMT
main-front.js
mediacyber.id/wp-content/plugins/wp-automatic/js/
1017 B
1 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.2
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:18 GMT
Last-Modified
Thu, 09 Jan 2020 06:09:46 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Content-Type
application/javascript
front.min.js
mediacyber.id/wp-content/plugins/cookie-notice/js/
8 KB
8 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Tue, 05 Oct 2021 03:33:20 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8371
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60148533-4
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa2c95c29f33c051d6cd6f39a83701983f675d876502251c793e8099976daa1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36143
x-xss-protection
0
expires
Tue, 23 Nov 2021 06:14:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7307355418381929
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
967d551ff201dd9ba2e0241a9a6480ad3cef7c95fefb945d12528ba1fcef95e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediacyber.id/
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51184
x-xss-protection
0
server
cafe
etag
8331580398840751779
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 06:14:19 GMT
wp-emoji-release.min.js
mediacyber.id/wp-includes/js/
18 KB
18 KB
Script
General
Full URL
https://mediacyber.id/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Sat, 18 Sep 2021 07:34:58 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18181
Content-Type
application/javascript
logo-mediacyber-web-300x102.png
mediacyber.id/wp-content/uploads/2020/09/
7 KB
7 KB
Image
General
Full URL
https://mediacyber.id/wp-content/uploads/2020/09/logo-mediacyber-web-300x102.png
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
6209237f1d67867d7059cb7cf68b6a472148abdce6f465d362ba22ba00f022bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Sun, 24 Oct 2021 17:56:51 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7319
Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcae826eac25832ddf7a00c1687d28515d81b9f3118779ad50fde6fd63eb0f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51205
x-xss-protection
0
server
cafe
etag
11808501933474508633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 06:14:22 GMT
Emotet-map.jpg
i0.wp.com/mediacyber.id/wp-content/uploads/2021/01/
14 KB
14 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2021/01/Emotet-map.jpg?resize=696%2C348&ssl=1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
08a2081137e3d70ca13aa8cdf0099a64ca42de1e9c2fe97c825435cb11c12bff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 6
date
Tue, 23 Nov 2021 06:14:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:22 GMT
server
nginx
etag
"d2e94bde67b2d6bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/01/Emotet-map.jpg>; rel="canonical"
content-length
14260
expires
Thu, 23 Nov 2023 18:14:22 GMT
logo-mediacyber-square.png
i0.wp.com/mediacyber.id/wp-content/uploads/2020/09/
1 KB
2 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2020/09/logo-mediacyber-square.png?fit=96%2C96&ssl=1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9f7cd62356d4bf4585c4e1df4e6c26ba1b6bb8922670f952655b81c77e85bf5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Tue, 23 Nov 2021 06:14:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Oct 2021 02:50:27 GMT
server
nginx
etag
"184056f9fe9d05ee"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2020/09/logo-mediacyber-square.png>; rel="canonical"
content-length
1374
expires
Wed, 25 Oct 2023 14:50:27 GMT
logo-mediacyber-web-snall-stick.png
mediacyber.id/wp-content/uploads/2020/09/
3 KB
4 KB
Image
General
Full URL
https://mediacyber.id/wp-content/uploads/2020/09/logo-mediacyber-web-snall-stick.png
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
8370700527ff5e209a0c966ce745625e28b787da5f25880d0a3d3ec11878219d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:21 GMT
Last-Modified
Thu, 03 Sep 2020 08:22:56 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3394
Content-Type
image/png
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/
758 B
471 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:21 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:21 GMT
underscore.min.js
c0.wp.com/c/5.8.2/wp-includes/js/
19 KB
7 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/underscore.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:21 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:21 GMT
tdsLeads.js
mediacyber.id/wp-content/plugins/td-subscription/assets/js/frontend/
5 KB
5 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/td-subscription/assets/js/frontend/tdsLeads.js?ver=18da952bde8fab1875ba66b9c5072e53
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
0dca9aebd44a0d703986efe180554294687479465a34250979df778be1597350

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:19 GMT
Last-Modified
Thu, 29 Jul 2021 09:12:56 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5045
Content-Type
application/javascript
js_posts_autoload.min.js
mediacyber.id/wp-content/plugins/td-cloud-library/assets/js/
5 KB
5 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Sun, 24 Oct 2021 17:11:07 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5280
Content-Type
application/javascript
tagdiv_theme.min.js
mediacyber.id/wp-content/plugins/td-composer/legacy/Newspaper/js/
258 KB
258 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.3.1
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Thu, 14 Oct 2021 10:24:44 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
263832
Content-Type
application/javascript
comment-reply.min.js
c0.wp.com/c/5.8.2/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:22 GMT
js_files_for_front.min.js
mediacyber.id/wp-content/plugins/td-cloud-library/assets/js/
37 KB
37 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Sun, 24 Oct 2021 17:11:07 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37582
Content-Type
application/javascript
wp-embed.min.js
c0.wp.com/c/5.8.2/wp-includes/js/
1 KB
719 B
Script
General
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:14:22 GMT
image.js
mediacyber.id/wp-content/plugins/featured-image-from-url/includes/html/js/
2 KB
2 KB
Script
General
Full URL
https://mediacyber.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.7.8
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:20 GMT
Last-Modified
Wed, 27 Oct 2021 08:15:29 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2271
Content-Type
application/javascript
e-202147.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202147.js
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
br
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 14 Nov 2022 00:13:52 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/
270 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7307355418381929
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98e4838db7bc472fe23d1973c34fc42eba931c13febceb4ef849e683d6f9b6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99574
x-xss-protection
0
server
cafe
etag
4690200522950356603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 06:14:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 5F27
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7307355418381929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 22 Nov 2021 06:55:30 GMT
expires
Mon, 06 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
83932
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
newspaper.woff
mediacyber.id/wp-content/themes/Newspaper/images/icons/
24 KB
24 KB
Font
General
Full URL
https://mediacyber.id/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/wp-content/themes/Newspaper/style.css?ver=11.3.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer
https://mediacyber.id/wp-content/themes/Newspaper/style.css?ver=11.3.1
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:21 GMT
Last-Modified
Thu, 14 Oct 2021 08:27:28 GMT
Server
nginx/1.21.4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24864
Content-Type
font/woff
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:57:38 GMT
x-content-type-options
nosniff
age
483404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:57:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:07:55 GMT
x-content-type-options
nosniff
age
554787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
484120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:45:42 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mediacyber.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 05:33:18 GMT
x-content-type-options
nosniff
age
520864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 05:33:18 GMT
like.php
www.facebook.com/plugins/ Frame 454A
45 KB
17 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb0ebba0a0650f33afb9c6fd46ff42a4476b8fb07d4210879e0aa8fa553a8eb1
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
GTdUFqgEicXU5+Tmtcxq0h0Tjiq8j6WoZ3NU9X6RVYzmTtzu/Ch5HSBGnb7htzzMku1ks9FJvx+iW3JqaWk0hw==
date
Tue, 23 Nov 2021 06:14:22 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
truncated
/
111 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/
203 B
639 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mediacyber.id&callback=_gfp_s_&client=ca-pub-7307355418381929
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e0b14965f79ea8e3d8c041a1d07053da72481ac025ee33354d517e94db127f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4267
32 KB
6 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&adk=1812271804&adf=3025194257&lmt=1637648062&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062114&bpp=27&bdt=2687&idt=293&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6853722120038&frm=20&pv=2&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d2765af9e166261bb8463f1e5e8f03a8f31f90a5bb4751573a544e3a47af7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:22 GMT
server
cafe
content-length
6124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:22 GMT
cache-control
private
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60148533-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4395
date
Tue, 23 Nov 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Nov 2021 07:01:07 GMT
js
www.googletagmanager.com/gtag/
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WJM17ZNQST&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60148533-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d5d7b67889049d494817458fb2ce25077d0e7e019c90d045fe1d3c35935cbd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61667
x-xss-protection
0
expires
Tue, 23 Nov 2021 06:14:22 GMT
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
If8nW+Okd911YyuDY+n79GYGC/uNGV8ARavKhIi7SCypNapCuSJCRvbSNxjU4qjJS+D2EbGqSBYtJpPe8WkP4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
+PX2vsCWGVoiSQHVbiW4/+URKfCB8X9rmPjE/Ul5xEXEreFmcBKIyLiVYFbh1X0Up4EYFQv+e4vYV+DvPO6TOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
pqeuhsRS8dfs1GfflKVsRnQgC1WagNZxr9kRjl62aLQpEC3ayJUAdkvjfKphkfkQSRdoKjOpDJG8FuajpZuEEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
O7M95NPQIeAu/4WnQVdcikX+SnP4wofWSh8zUyWMECoDNToKac9nxMzxPCLnV0Bl8mc2WMSEgB60qhN6p+woOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
3FRStOT1A+0rdMdIFxwDDgWqzgYBa0QxCTjIW42l8YU9W38U7DMf2IOXgPOqXdmixz+bGPmh6R2sAAZLWLyc+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
oQuD7GD/OgCMGP1mQlWMhjWBwZRehjkmee/2n8b6kRTJhFOc0Y+XGNWCaELV8xt4Kvpmk+wLGmdjPklfmEcJIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
szGJjd5/gmtEm1LyvcHtsD/FMDBWwZ+f/6lOELcALzseob4UgDMzaTdtBOoRxGbI1O/qq+sCRLc3cAr0e/r0LQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
XNIyDa6+hP62KEhs/NpL0jTJXAjsaNqsUuQO3jl+50W7VtoT8lsJRt6PiDzjOcboavELVoYBoUZ57xfSRlgdug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
HckFinD1rejkGmTcGpSIaipsALXRi9woGj/ZgnWT3IPdwXnqRzbQ71DxgRC59V3QLzHyYZhHaHFG2Am4gX4WHA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
CFD4EgoZhz+DssVrC50y4XvjyT8SNpevl0wN0Z6/IdeLic7zcbDbAA3Te36dtcFXwv5O2EgGymXTrM58u9ySag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
35 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
DM8TSSrNtvkoCTEvygNYxvSzdKWCQB1wK5bGSszsrr0zYVklvkYHkFLU7B/pRgXk0ibrGlcUanjMEcrh7IFvFQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
32 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
Xc1ncy0PVNfEbLEH/k9BdbyaaDuXpoVZiDMM+MiQbkR3yViIj00wW2bDgKYmubbH8rN+do3oMMWl0Ls6p7GFNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
ZwwK/6uxOMoGu3gr7WrR6YXAbVy3vP7xMsVKEgxzj545Cb7wWeKJgGyOeybMxUJm8oA5y6TFGVtO+mVfC6lNzQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
jA9ucsH17TOoMzuuKjFjLLbBm6qU9Y93/faF8Iqo5nl7ME7MT2ZthquJQ7BEQ0rEms7tODHrCESamOYWMRgVTg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
kqt3+KvXZUv8czVyIS0i2hdcmrySAGwnF5anFYU6QraXG8ILvM3TBRDvIKnIhiVUkzo84o4Lk1QlJcwrFtDAbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
KPU+vabb+NfLCLu3i4D28cVIO/duQG02lS1u0QFzLQPRfQmCrxB/4SL1VBrkoKMf8UFpF10F6J8pHWfY4Vdnmw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
1GsQGGytQNV9biEnHcur6btOPSIlG//DMHB61mrQJwFwg3RjgWBcltviMuCFZGJmdFLMHJV63NT6EyyGq19ujQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 454A
0
30 B
Other
General
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
A9MgXvsOpfbYvE7KoFgtGthWNVUJHdoAZPEbkigoyi83EGy07syzOzr28h82y3UD48p5h4CrEAs4wUiD5KA8Nw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 23 Nov 2021 06:14:22 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 454A
400 B
450 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fb-debug
jYGIaHh8OqMAorjbyX6pZ6BUepT/ZbYWp9+GyKTnSbxgYx8VJ5yTbQaZ64Js+yysEWFsCh0xCa6BijXjc6xkJg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Thu, 11 Nov 2021 02:53:10 GMT
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Fri, 11 Nov 2022 02:53:09 GMT
RZAsbT6fr_E.js
www.facebook.com/rsrc.php/v3i7244/yv/l/en_GB/ Frame 454A
518 KB
136 KB
XHR
General
Full URL
https://www.facebook.com/rsrc.php/v3i7244/yv/l/en_GB/RZAsbT6fr_E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
718af566df0b3fa0322ee84163e1e204df07d8f53c7f76a6fffd45b70b1789e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 23:50:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mLiBQPyCwOV9bSt9WZl7fw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
138774
x-fb-rlafr
0
x-fb-debug
C6WObNRYa+8n4HvB7KQSI4QC0VkGtA1v9L0gv8sa7yXRgqLZYg3/9/GoVb1pTiTAlbQs65ua3mh2zrIOKpQoug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 19 Nov 2022 23:50:53 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=121174941&t=pageview&_s=1&dl=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&ul=en-us&de=UTF-8&dt=Comeback%20botnet%20emotet%20didalangi%20oleh%20geng%20Conti%20ransomware%20-%20Media%20Cyber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=178042205&gjid=2113187281&cid=677717467.1637648062&tid=UA-60148533-4&_gid=356608468.1637648063&_r=1&gtm=2ouba1&did=dZTNiMT&gdid=dZTNiMT&z=1425507758
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mediacyber.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mediacyber.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WJM17ZNQST&gtm=2oeba1&_p=121174941&sr=1600x1200&gdid=dZTNiMT&ul=en-us&cid=677717467.1637648062&_s=1&dl=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&dt=Comeback%20botnet%20emotet%20didalangi%20oleh%20geng%20Conti%20ransomware%20-%20Media%20Cyber&sid=1637648062&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WJM17ZNQST&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediacyber.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mediacyber.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 752F
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=2863071536&adf=3526151506&pi=t.aa~a.2135245809~i.19~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1637648062&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3994875284&psa=0&ad_type=text_image&format=696x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=2&bdt=3237&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0&nras=2&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lbLomx4oot&p=https%3A//mediacyber.id&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7186118a8701455c29d757d2719e6594222f7e1473c32b69c4ea7e8e9897d02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:22 GMT
server
cafe
content-length
213
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6367
436 B
238 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=2863071536&adf=2104961071&pi=t.aa~a.2135245809~i.27~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1637648062&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3994875284&psa=0&ad_type=text_image&format=696x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280&nras=3&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=o1upSmefLw&p=https%3A//mediacyber.id&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7bf25f790001fcd4a580ecbc6076f01eadeb3a74d3a57c2443e72b2c14f5b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:22 GMT
server
cafe
content-length
214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 72A6
20 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a69e94487cf61a3461e708bf49f45ddb193b580d9b97988821f7f5f5d2a1d629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:23 GMT
server
cafe
content-length
10395
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:23 GMT
cache-control
private
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=184009237&post=10408&tz=7&srv=mediacyber.id&host=mediacyber.id&ref=&fcp=6598&rand=0.048495649955052844
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
3 KB
3 KB
XHR
General
Full URL
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/?relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/related-posts/related-posts.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.188.59 , Indonesia, ASN63867 (IDNIC-DESIBLE-AS-ID PT Tirta Karya Buana, ID),
Reverse DNS
srv1.cybermedia.co.id
Software
nginx/1.21.4 /
Resource Hash
8083f8a4ce63c882122d761b1ed44c41a65d0b063dc5dafcf6dacaa21e38a64e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
x-requested-with
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 06:14:23 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.21.4
X-Pingback
https://mediacyber.id/xmlrpc.php
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
X-LiteSpeed-Tag
764_HTTP.200
Connection
keep-alive
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8607
436 B
233 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=326101615&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=1200x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062669&bpp=1&bdt=3242&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=4585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=9PR1pIlmLj&p=https%3A//mediacyber.id&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9a45224a39a2505404fea083cbcbe3f746d3094c697be106c2d425f5ffa690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:23 GMT
server
cafe
content-length
213
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2548
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 23 Nov 2021 06:14:23 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9D5F
25 KB
15 KB
Script
General
Full URL
Requested by
Host: mediacyber.id
URL: https://mediacyber.id/comeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9976a1396a8a3bba197b71566d2b282973a961fb1ccba5169ee6f660c5885640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14899
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 9D5F
36 KB
13 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55147
x-guploader-uploadid
ADPycdvct9lgBjn65AsNThnNOmywsZURvzdGcx1Yfei2yedHXlIa7dRt2-EjUUkon85Ifqq449wHNtW_AtkeW1PPqad3whXyvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLwUH8SxXdgykUf9x0lZjDtjE08b%2FLL%2FCRVGdRZofH7%2B66RhjeLOHdg8%2B7yG%2Fw1132CMnl4DhA5QR6I%2Bz7LKdPNbNTtZ8PXcYD5RPIyZkI5tTmz4v1xrtsYwlsWsHw524%2BcZE4g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6b2841cccc9b0f66-MXP
expires
Mon, 22 Nov 2021 14:55:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9D5F
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:08:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D5F
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Nov 2021 06:14:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9D5F
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D5F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPBzbkd7N5ta98uHYnPPXKG_iwhPIylO_z0L3WZN6hxpmvvj8j73A3O8nRpML-XX9-KVMKJxTOASteXWMp-t8F4C2wR8NixyJyW4nx8ShWGIPwgHs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2548
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
43 B
1013 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Nov 2021 06:14:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 23 Nov 2021 06:14:23 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2548
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZyGvy2v5OEZrNEtbWqYyAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
43 B
893 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Nov 2021 06:14:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 23 Nov 2021 06:14:23 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELqBoMb5TDYH2x_ON8yfgr8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2548
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBpfiWRsPocFb3WZOMmV2VY&google_cver=1
43 B
1006 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBpfiWRsPocFb3WZOMmV2VY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Protocol
HTTP/1.1
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Nov 2021 06:14:23 GMT
X-Proxy-Origin
194.36.110.171; 194.36.110.171; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
33c229e7-3514-4107-9c52-fa672e26a15d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBpfiWRsPocFb3WZOMmV2VY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2548
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MDU1OTQ2OTkzMDk0NzA4Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MDU1OTQ2OTkzMDk0NzA4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGKHNhoABMAE&v=APEucNVBi6q_wffAr_AL6APRYEDIxGYogP6fdndykeuhR_WgIxNiY3VUJr5LkjGWCKWBS0Y3GBbXKtJtGYXwKVKGmQMnMYdpROIeoTK9thyxy8ieLs0fRnN_qN6bAUVCYfDs7lPR9d1VNPtmtvjN5eWaHvhcpFzwdfrvcB8CfOnxCchKaJZm3AU
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Nov 2021 06:14:23 GMT
X-Proxy-Origin
194.36.110.171; 194.36.110.171; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9c4cca15-bf57-4f23-bc49-75336ef14d92
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3MDU1OTQ2OTkzMDk0NzA4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 9D5F
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?[encoded query string removed]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:07:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9D5F
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?[encoded query string removed]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 17 Nov 2022 17:49:55 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AF5F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 21 Nov 2021 14:25:07 GMT
expires
Mon, 21 Nov 2022 14:25:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
143356
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA4E
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 23 Nov 2021 05:53:44 GMT
expires
Wed, 24 Nov 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1239
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9D5F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76f95c89d670bf4d3318efb90a2155fc8b56104b0f17761277db9609f61cd7c0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 6B13
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 23 Nov 2021 06:14:23 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires
Tue, 23 Nov 2021 07:14:23 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
303574
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLP7c%2B%2BE7lZxXfTumKgdIevrqfNXc77z58sdRbyKLt4qPMSXS76sLMxrQbkKoKWY%2FhCmi9TIjUsTw5ERvQ2S1ZdiMhBmWCuPiplj8YsKrd69Ka%2FtHe4Ce1nlWpQPgJx90xVouRA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b2841cdeac3374f-MXP
content-encoding
br
dpixel
cms.quantserve.com/ Frame DA4E
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHOUJO5YYN1dLZReyJAiIPw&google_cver=1&google_push=AYg5qPJY5uZfP-peZYkH9cATJx7cx4fsvKl7s69DttBufRNsEeB_NM4FezLM8rLFM4wJ0PSwYfQH0tPa4Q5gI4gytqDOY-yGrICB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA4E
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJdi4F7uy8hal-EiJebAQ4-f5HQR0mhQtNIdYe_FdznPGpU1TtvZg3aUMKi7KYuYm2A5Ue34RpW8MEoEPU_aiNcf3jOa6kRcg&google_gid=CAESEPo5FpCKnMji9atNE8PpUV4&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL-N8owGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKZGk0Rjd1eThoYWwtRWlKZWJBUTQtZjVIUVIwbWhRdE5JZFllX0Zkem5QR3BVMVR0dlpnM2FVTUtpN0tZdVltMkE1VWUzNFJwVzhNRW9FUF...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM20xMHJsck5YM2kwTlk5TDNhYTJ6VEdYMGszdWtmNjVWYUVOc0p2VURPQQ==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM20xMHJsck5YM2kwTlk5TDNhYTJ6VEdYMGszdWtmNjVWYUVOc0p2VURPQQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Nov 2021 06:14:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM20xMHJsck5YM2kwTlk5TDNhYTJ6VEdYMGszdWtmNjVWYUVOc0p2VURPQQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame DA4E
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA7e-bROh1NqJUCr8xbv6Jk&google_push=AYg5qPLLC1x1YVeeXx3NkwSgwO8o9Ec-EykXVav25uOaWG37msNrM8iJ5PdX8gIlm2hTOsHmiRkyGcXe2B2vMlXooCqs2Y2JjxNI9w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA4E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrs...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU7vgCZwIZAryd3czW6K3jzVFMBytPjiULSp53cLuzSDC2OkaziRg1afi-SeFF3JPomrf-R0Dxe3nt-0jJaDQ0UgwhxCcrsA&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ov4ngmj5u3j9a564a1cvsk7j26i3kfu7
pixel
cm.g.doubleclick.net/ Frame DA4E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxiNbRtT_Sgweo7zD4a4vFyVXJ3TKtd49J9vy5kfiEUnM8OMhA-Q8vX8cQFljOHBXEBsEXOesWum3F7jspWYqcyWBxHjz2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxiNbRtT_Sgweo7zD4a4vFyVXJ3TKtd49J9vy5kfiEUnM8OMhA-Q8vX8cQFljOHBXEBsEXOesWum3F7jspWYqcyWBxHjz2g
date
Tue, 23 Nov 2021 06:14:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DA4E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENzk4-dIGr8dAIF0p0jZX-M&google_cver=1&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5p...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERINE4tTS0zQ1My&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5pxkb8Mao5w2ny1hhkKLC8Dvby9iQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERINE4tTS0zQ1My&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5pxkb8Mao5w2ny1hhkKLC8Dvby9iQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERINE4tTS0zQ1My&google_push=AYg5qPIXDIigkGwLMn0kcD6zaFuw_TkCzHg9UTk5yYljdsmD3HScDoV4Ep_n5A51vLw3-T59Q5pxkb8Mao5w2ny1hhkKLC8Dvby9iQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame DA4E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sg...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame DA4E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0h8YLRBADlxyo2_ukzqPAFYTXpavVcW0n0t8mJKNCZZtVUDSLzpcXLUcckTbRxTem81TX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame AF5F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:29:24 GMT
rs
ad4m.at/ Frame 9D5F
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c3a7505dd5bf9537a9fb57750bc174fd929545d753ec8136de33759d44f626

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6b2841cf6acdf917-MXP
date
Tue, 23 Nov 2021 06:14:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY8%2FiAUdpKsWUNgUieQNROp7K6Yl07uWHdvRc97Misee3RFLPJLPkxMRkImV%2BdEXdFuANnVffAOTcKepJvcm0FT284ffAbVBk66YKYwEOmbVRsiOxSFiJxgweo3a%2FK07dNBB8d4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bd8c
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 23 Nov 2021 06:14:23 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bd8c
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUY0RFe2jImFJfktPgHuYN64zxfm8MW%2BR8gYMtQ9%2Btpe0L0TgbN5C0tpZ9O%2B9zNkbTJOvjWWh9c05vPp6%2FLiXvPzurQYhtNh6%2BTJPD5AIEhDfxiGlgDMkBWw1PhFMTxRlqXmT5E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b2841ceea11f917-MXP
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjhrwv4acYdSIGISOrAToupKYAgAAAAA4AeAEAg&bg=!g4ClgMTNAAZQLpa_UC47ACkAdvg8WoJ-BrJQCgyvxtn04Qj_1nE4vNiAJmFZwnsG2b6V6EDRwPHNUgIAAABqUgAAAAdoAQcKANQ6TuWh2ycd302zrSsL36oRcNtzOm6REyffmAczNOsDn2VQV7SIAp_2dItAE70XUcLcj7O5kRyz_bEHpeCiX98o8TN7MU7qe800AUenPkBvgCI3VwULgwWco-x3NBraUvxcBHogAD5imnpgP0mF6QF1OqgR8OjSRnxU49bUIhQmNCw9JmivD8ArIdrO4IvDzqnJl9O3FL4ENwSNa1QxLVOvh-mDnkQchRZyiB7tGY3AmB7hEfSOyYj9b42UkQvB42QjsAA8CW1glzWUNznm8LHv87tQbJkCw4Udmx9dpSYPr4q-LQnnpVdpIYRRiBorPV6leOsGQDDWWrED--IcIA0N7ZhcLwmDTLFK2AAjw-_TcV-eurN3BEBpbHEu1WhURdnCjJc_2t3uPy9j4d04wswTuvMXU0r7mLMTPbVlA0E0bGWw94Br5gnU-noZd7yToMCdMnYhkyw1dUW39Ip8g6I4UyzKPDfd71X-wtlg44_1h4V174C29wcnGRbEMeLev2TJZVc_OaDI_M0HEAv9L2mxDX4v6YMlnsaYPe5dDT3Q8R4ejSqZmWXGfqJXfOxAfis0LOGKpWXq1l-1Zu4KFmmWTqyR_JThP1oAUmPQXSlpHBaxVQhi_gRLt5R9RwZpUJ2fo88AhKtmGs-IdcI2qnmNgZn4krxFzc_nxKALvArvJyQh--q5lBpwJzs4ckvqbThUx0ZhPlPXP3SR3NuUeJM4TJIb6mO-Sus_hfTz2rN8MzHMTCkM-qp5p_cZmBgwrcd94i7VAxejbHffwVeKgo-cW_Tg7Mrt_2Oz9dSR3Y2HDFc93quDh_AbqwUxqxWaV0INsH0AWSP0AYHZXrXh-t3bcj9fqh0w3rtD8Xx3zQHl5fr1zYCXjnWrJe87auajyFDaJpxswATqtdd5MWWeMBOYnpKMEX7lFC__12BgBRjuRSZqPm7djcVIMNUcpR5wcXFdRqhCdNI2Fl7xOO0LLa-oJ25tH18nzyT16HNPHYFtb4g-mNBRCcSJpBa3mEuJgfenX7zjSuWPxMEslDO-lBBpiCGZM3aY0AemnFhFxlMUXUTmZrtu_9cjJ1jbs4YuS2INnXP4DL22B6Un33sat3gPQUwWbNc4iYqaqFUG4Vf1mxY9AZPB4RXTF6HYwXmCXdNYNBHhoP5w4uJMedQRW1GQbZ-eAcfA2XftG9BdaBhrUdiEkeG84fe0g1lHegQBXnrq5HpcxBSWUs9F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=280&adk=1091561853&adf=1955204960&pi=t.aa~a.1965313108~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1637648062&rafmt=1&to=qs&pwprc=3994875284&psa=0&format=535x280&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648062665&bpp=1&bdt=3238&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280&nras=4&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=405&ady=3791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=pi6vug7tKy&p=https%3A//mediacyber.id&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mediacyber.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1633
77 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1089db2bde695e0782ce23b4e28bbd698d691035f0497011330a2a8b77cfe8c8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COfy8bjqrfQCFZZX4AodwJMDwA&gqi=v4acYYPKMYeP7_UPpqioyAs&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COfy8bjqrfQCFZZX4AodwJMDwA&gqi=v4acYYPKMYeP7_UPpqioyAs&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
26849
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame AA23
78 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c10e91874623433a455666a7720bc90a0717d84c88824491d8f06a35b6dd173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
31122
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c748868cf6f4a9ae35afe4791eb253b6fb260231243aef2e3b43488579c8568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9387
x-xss-protection
0
1637333700_MediaTek-Mengumumkan-Chipset-Dimensity-9000-Tingkat-Unggulan-Untuk-Perangkat-Seluler.jpg
i2.wp.com/mediacyber.id/wp-content/uploads/2021/11/
5 KB
5 KB
Image
General
Full URL
https://i2.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637333700_MediaTek-Mengumumkan-Chipset-Dimensity-9000-Tingkat-Unggulan-Untuk-Perangkat-Seluler.jpg?resize=150%2C150&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
46cfe92ee266a546c11137257a418acd51de6ce0f62900920cc0a69cf66312ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 5
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:23 GMT
server
nginx
etag
"713fdfacf50463cd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637333700_MediaTek-Mengumumkan-Chipset-Dimensity-9000-Tingkat-Unggulan-Untuk-Perangkat-Seluler.jpg>; rel="canonical"
content-length
5198
expires
Thu, 23 Nov 2023 18:14:23 GMT
1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg
i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg?resize=150%2C150&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
06352f1024c625b8a78fa9859081a1317c4bdfe6483d144d21bb7562c96cf5b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Nov 2021 04:25:18 GMT
server
nginx
etag
"a29dd04a17b9945a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg>; rel="canonical"
content-length
1786
expires
Sat, 18 Nov 2023 16:25:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7307355418381929&plah=mediacyber.id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 23 Nov 2021 06:14:23 GMT
1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg
i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg?resize=150%2C150&ssl=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
06352f1024c625b8a78fa9859081a1317c4bdfe6483d144d21bb7562c96cf5b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Nov 2021 04:25:18 GMT
server
nginx
etag
"a29dd04a17b9945a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637094449_Microsoft-Memblokir-EdgeDeflector-Aplikasi-yang-Memungkinkan-Pengguna-Menghindari-Menggunakan-Browser.jpg>; rel="canonical"
content-length
1786
expires
Sat, 18 Nov 2023 16:25:18 GMT
1637203253_TikTok-dapat-menghitung-lebih-dari-15-miliar-pengguna-pada-tahun.jpg
i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637203253_TikTok-dapat-menghitung-lebih-dari-15-miliar-pengguna-pada-tahun.jpg?resize=150%2C150&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3c4633a360584c243ad0b4279eb0ba8b222d11f7dbd7cd7d14656d8ed99d9422
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 3
date
Tue, 23 Nov 2021 06:14:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:23 GMT
server
nginx
etag
"5f4d7a07ed0764dc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637203253_TikTok-dapat-menghitung-lebih-dari-15-miliar-pengguna-pada-tahun.jpg>; rel="canonical"
content-length
2058
expires
Thu, 23 Nov 2023 18:14:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C6C2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 22 Nov 2021 23:13:14 GMT
expires
Tue, 22 Nov 2022 23:13:14 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B022
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c46073b8b873a8876c404041a73c446e7799de86e48f2174056d83248628029b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nDrVE17SW4pcOmaOxbhHNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 23 Nov 2021 06:14:24 GMT
date
Tue, 23 Nov 2021 06:14:24 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nDrVE17SW4pcOmaOxbhHNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1637137900_Roblox-menggunakan-platform-permainan-populer-untuk-mendukung-proyek-anak-anak-baru.jpeg
i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/
3 KB
4 KB
Image
General
Full URL
https://i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637137900_Roblox-menggunakan-platform-permainan-populer-untuk-mendukung-proyek-anak-anak-baru.jpeg?resize=150%2C150&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0c8aa3a0c383950863af48cc4f1c87b060611e1f2e35f1b1b7d80bc14ee47b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 5
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:24 GMT
server
nginx
etag
"0dc84ddb56a7d044"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637137900_Roblox-menggunakan-platform-permainan-populer-untuk-mendukung-proyek-anak-anak-baru.jpeg>; rel="canonical"
content-length
3360
expires
Thu, 23 Nov 2023 18:14:24 GMT
rar
as.ad4m.at/ad/ Frame 9E95
3 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=36071&b=dEJtEfeKq6tkZ4hEHztRHEt3QWf3T4T6Baj&f=K19HRfRkQrakWKh5Hrt4HzCYGZt8TATXeCq&c=300&d=250&e=kGHmoxk-U43dQbzqFsFtL4HPw3mTVFyM&g=795ac9e3185f731f604b285ccc076872%2F16192509556157555411&i=27907&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1637648063932&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3DUavoacYfOeK5PFgAe--S7vrbPSZezOxY3UC8CNtwEQASC8m9VjYLu-roPQCqAB3KiQ5QLIAQmpAkhkDSZZ2rI-qAMBqgTxAU_QdMCTZ4TQaNc6YrNssY1iIUZLQ8ozsa43xNalJZ_6GHkgJHI_xsb0j3xIiJGMwPm2oZq9WDE8-JDqKNT9jC43JOfxaLzse1V5UqupDEAcWhQ8vAYTlu0dMvUOwB80MJJBNilUGHlVJbkDsaNnmkakyH4uNq5O94GNYOgUg5SYKbmJZNdihCmLBIYjgJOqezatc-5E9grIAzF3dD6pDuNZpTGMFk7UeVoO0dbNtNpMtAYtTMQP0Q7fDQvbJOqfYX2c-ZGR5g1_I0uAV_j6SrcidyrDeWnJ85rQvJtRpfcDtTUnAuCvwY2NkDdUWBoxDYDABOaq7J6gAuAEA5AGAaAGTYAHjNfvmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE7iSownQEwDYEw3YFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASEuRogHEgLX6X7-NiX6Lr9tlfdw%2526sig%253DAOD64_35zX5HUJe9oBgHT3qaPsVWsAGUQA%2526client%253Dca-pub-7307355418381929%2526dbm_c%253DAKAmf-BE-NLlKANSwe2YMAtZq-SKR4d0kY7afhcEjsXuS7iZre0zvFClzmnTpGjh86APtssg53AHmBRzWWAoC9q7mavWB1KO0Rg5C1ZKNW-LA84NnNYQDjet2rvhG_4GgfPpW7u1bgoI5dCFXEWiGa6hFAqkCg1rDg%2526cry%253D1%2526dbm_d%253DAKAmf-DIZI526grDTS09n1zLJs147HgEzcE3-lRb3udhfr796XQmqO4P5E2KMCWZ2E7ZbxLFpbSz_iArAZofEw2jWHz3qx6yYxwE2t_gAvUdzzOkOTZJzfSK7k4suq3pzD47W3u1GPHXEj5CDbHo1Q1YvJW1LuoRBcq18-ql7AozDBAY5YrUj8xN9rz3aZok7EnBYrqUvM95AJTJtH6HYpYWGTBaMWKA1E5370pRHIyMevobhSv3o1jQyGvlw1xkP9V9FTY_OMLcJ8LsrTa5-G4ix8E97ZYquP_IOxychpUoIOmfUmX2oKaFr4DBt7b4s_rfxUzMoFojfZ3MCO6YnuLASLyowxHzX07nWAENmWC_kBAUKWkz6M4I0YsKbwXXESCIm0anicVd8KHvExCW9-wmglR4tEcPL7AskUPQSAlq4uuJXNmkR7ardpAAKCKfg8GBqDv1DmpAlz4g4-gxsrp5Thcbwg316Ndy5-SrqbJ4mP86sKqnPHJEdEweAUWukdfWqEjPsCPqRXzctw4PJCKh6XTxyUt0Bg%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d8725853ee217c5822a405953769e8412d1e942f5627697e0ef9b87b51464f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b2841d00fb00f66-MXP
content-encoding
br
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame C6C2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:29:24 GMT
1637542252_Render-Google-Pixel-6a-yang-diklaim-memperlihatkan-tampilan-punch-hole-dan.jpg
i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/1637542252_Render-Google-Pixel-6a-yang-diklaim-memperlihatkan-tampilan-punch-hole-dan.jpg?resize=150%2C150&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
dfde452299a9c3b6170e77552a53a26a08b8da76b4832bb7bdc3c0eb5d18382b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 4
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:24 GMT
server
nginx
etag
"f33320b4c82a0918"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/1637542252_Render-Google-Pixel-6a-yang-diklaim-memperlihatkan-tampilan-punch-hole-dan.jpg>; rel="canonical"
content-length
1730
expires
Thu, 23 Nov 2023 18:14:24 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 9E95
64 KB
8 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36071&b=dEJtEfeKq6tkZ4hEHztRHEt3QWf3T4T6Baj&f=K19HRfRkQrakWKh5Hrt4HzCYGZt8TATXeCq&c=300&d=250&e=kGHmoxk-U43dQbzqFsFtL4HPw3mTVFyM&g=795ac9e3185f731f604b285ccc076872%2F16192509556157555411&i=27907&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1637648063932&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3DUavoacYfOeK5PFgAe--S7vrbPSZezOxY3UC8CNtwEQASC8m9VjYLu-roPQCqAB3KiQ5QLIAQmpAkhkDSZZ2rI-qAMBqgTxAU_QdMCTZ4TQaNc6YrNssY1iIUZLQ8ozsa43xNalJZ_6GHkgJHI_xsb0j3xIiJGMwPm2oZq9WDE8-JDqKNT9jC43JOfxaLzse1V5UqupDEAcWhQ8vAYTlu0dMvUOwB80MJJBNilUGHlVJbkDsaNnmkakyH4uNq5O94GNYOgUg5SYKbmJZNdihCmLBIYjgJOqezatc-5E9grIAzF3dD6pDuNZpTGMFk7UeVoO0dbNtNpMtAYtTMQP0Q7fDQvbJOqfYX2c-ZGR5g1_I0uAV_j6SrcidyrDeWnJ85rQvJtRpfcDtTUnAuCvwY2NkDdUWBoxDYDABOaq7J6gAuAEA5AGAaAGTYAHjNfvmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE7iSownQEwDYEw3YFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASEuRogHEgLX6X7-NiX6Lr9tlfdw%2526sig%253DAOD64_35zX5HUJe9oBgHT3qaPsVWsAGUQA%2526client%253Dca-pub-7307355418381929%2526dbm_c%253DAKAmf-BE-NLlKANSwe2YMAtZq-SKR4d0kY7afhcEjsXuS7iZre0zvFClzmnTpGjh86APtssg53AHmBRzWWAoC9q7mavWB1KO0Rg5C1ZKNW-LA84NnNYQDjet2rvhG_4GgfPpW7u1bgoI5dCFXEWiGa6hFAqkCg1rDg%2526cry%253D1%2526dbm_d%253DAKAmf-DIZI526grDTS09n1zLJs147HgEzcE3-lRb3udhfr796XQmqO4P5E2KMCWZ2E7ZbxLFpbSz_iArAZofEw2jWHz3qx6yYxwE2t_gAvUdzzOkOTZJzfSK7k4suq3pzD47W3u1GPHXEj5CDbHo1Q1YvJW1LuoRBcq18-ql7AozDBAY5YrUj8xN9rz3aZok7EnBYrqUvM95AJTJtH6HYpYWGTBaMWKA1E5370pRHIyMevobhSv3o1jQyGvlw1xkP9V9FTY_OMLcJ8LsrTa5-G4ix8E97ZYquP_IOxychpUoIOmfUmX2oKaFr4DBt7b4s_rfxUzMoFojfZ3MCO6YnuLASLyowxHzX07nWAENmWC_kBAUKWkz6M4I0YsKbwXXESCIm0anicVd8KHvExCW9-wmglR4tEcPL7AskUPQSAlq4uuJXNmkR7ardpAAKCKfg8GBqDv1DmpAlz4g4-gxsrp5Thcbwg316Ndy5-SrqbJ4mP86sKqnPHJEdEweAUWukdfWqEjPsCPqRXzctw4PJCKh6XTxyUt0Bg%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e6e8345c518a9f3dbf16a1691468b9869edb4591cae616cd221dc98a0b3f70
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=36071&b=dEJtEfeKq6tkZ4hEHztRHEt3QWf3T4T6Baj&f=K19HRfRkQrakWKh5Hrt4HzCYGZt8TATXeCq&c=300&d=250&e=kGHmoxk-U43dQbzqFsFtL4HPw3mTVFyM&g=795ac9e3185f731f604b285ccc076872%2F16192509556157555411&i=27907&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1637648063932&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3DUavoacYfOeK5PFgAe--S7vrbPSZezOxY3UC8CNtwEQASC8m9VjYLu-roPQCqAB3KiQ5QLIAQmpAkhkDSZZ2rI-qAMBqgTxAU_QdMCTZ4TQaNc6YrNssY1iIUZLQ8ozsa43xNalJZ_6GHkgJHI_xsb0j3xIiJGMwPm2oZq9WDE8-JDqKNT9jC43JOfxaLzse1V5UqupDEAcWhQ8vAYTlu0dMvUOwB80MJJBNilUGHlVJbkDsaNnmkakyH4uNq5O94GNYOgUg5SYKbmJZNdihCmLBIYjgJOqezatc-5E9grIAzF3dD6pDuNZpTGMFk7UeVoO0dbNtNpMtAYtTMQP0Q7fDQvbJOqfYX2c-ZGR5g1_I0uAV_j6SrcidyrDeWnJ85rQvJtRpfcDtTUnAuCvwY2NkDdUWBoxDYDABOaq7J6gAuAEA5AGAaAGTYAHjNfvmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE7iSownQEwDYEw3YFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASEuRogHEgLX6X7-NiX6Lr9tlfdw%2526sig%253DAOD64_35zX5HUJe9oBgHT3qaPsVWsAGUQA%2526client%253Dca-pub-7307355418381929%2526dbm_c%253DAKAmf-BE-NLlKANSwe2YMAtZq-SKR4d0kY7afhcEjsXuS7iZre0zvFClzmnTpGjh86APtssg53AHmBRzWWAoC9q7mavWB1KO0Rg5C1ZKNW-LA84NnNYQDjet2rvhG_4GgfPpW7u1bgoI5dCFXEWiGa6hFAqkCg1rDg%2526cry%253D1%2526dbm_d%253DAKAmf-DIZI526grDTS09n1zLJs147HgEzcE3-lRb3udhfr796XQmqO4P5E2KMCWZ2E7ZbxLFpbSz_iArAZofEw2jWHz3qx6yYxwE2t_gAvUdzzOkOTZJzfSK7k4suq3pzD47W3u1GPHXEj5CDbHo1Q1YvJW1LuoRBcq18-ql7AozDBAY5YrUj8xN9rz3aZok7EnBYrqUvM95AJTJtH6HYpYWGTBaMWKA1E5370pRHIyMevobhSv3o1jQyGvlw1xkP9V9FTY_OMLcJ8LsrTa5-G4ix8E97ZYquP_IOxychpUoIOmfUmX2oKaFr4DBt7b4s_rfxUzMoFojfZ3MCO6YnuLASLyowxHzX07nWAENmWC_kBAUKWkz6M4I0YsKbwXXESCIm0anicVd8KHvExCW9-wmglR4tEcPL7AskUPQSAlq4uuJXNmkR7ardpAAKCKfg8GBqDv1DmpAlz4g4-gxsrp5Thcbwg316Ndy5-SrqbJ4mP86sKqnPHJEdEweAUWukdfWqEjPsCPqRXzctw4PJCKh6XTxyUt0Bg%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy
unsafe-none
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Tue, 23 Nov 2021 06:14:24 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6b2841d0ae0a374f-MXP
expires
0
E6902775E951775A22E2E6752E15342F180883528A7ABC06AC70646E0FB19B72761F9EB949E3CE9A286E4FB9330A058E2DF24948613215D72305169BFE1C1711
assets.ad4m.at/product_image/ Frame 9E95
17 KB
18 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/E6902775E951775A22E2E6752E15342F180883528A7ABC06AC70646E0FB19B72761F9EB949E3CE9A286E4FB9330A058E2DF24948613215D72305169BFE1C1711
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36071&b=dEJtEfeKq6tkZ4hEHztRHEt3QWf3T4T6Baj&f=K19HRfRkQrakWKh5Hrt4HzCYGZt8TATXeCq&c=300&d=250&e=kGHmoxk-U43dQbzqFsFtL4HPw3mTVFyM&g=795ac9e3185f731f604b285ccc076872%2F16192509556157555411&i=27907&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1637648063932&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3DUavoacYfOeK5PFgAe--S7vrbPSZezOxY3UC8CNtwEQASC8m9VjYLu-roPQCqAB3KiQ5QLIAQmpAkhkDSZZ2rI-qAMBqgTxAU_QdMCTZ4TQaNc6YrNssY1iIUZLQ8ozsa43xNalJZ_6GHkgJHI_xsb0j3xIiJGMwPm2oZq9WDE8-JDqKNT9jC43JOfxaLzse1V5UqupDEAcWhQ8vAYTlu0dMvUOwB80MJJBNilUGHlVJbkDsaNnmkakyH4uNq5O94GNYOgUg5SYKbmJZNdihCmLBIYjgJOqezatc-5E9grIAzF3dD6pDuNZpTGMFk7UeVoO0dbNtNpMtAYtTMQP0Q7fDQvbJOqfYX2c-ZGR5g1_I0uAV_j6SrcidyrDeWnJ85rQvJtRpfcDtTUnAuCvwY2NkDdUWBoxDYDABOaq7J6gAuAEA5AGAaAGTYAHjNfvmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE7iSownQEwDYEw3YFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASEuRogHEgLX6X7-NiX6Lr9tlfdw%2526sig%253DAOD64_35zX5HUJe9oBgHT3qaPsVWsAGUQA%2526client%253Dca-pub-7307355418381929%2526dbm_c%253DAKAmf-BE-NLlKANSwe2YMAtZq-SKR4d0kY7afhcEjsXuS7iZre0zvFClzmnTpGjh86APtssg53AHmBRzWWAoC9q7mavWB1KO0Rg5C1ZKNW-LA84NnNYQDjet2rvhG_4GgfPpW7u1bgoI5dCFXEWiGa6hFAqkCg1rDg%2526cry%253D1%2526dbm_d%253DAKAmf-DIZI526grDTS09n1zLJs147HgEzcE3-lRb3udhfr796XQmqO4P5E2KMCWZ2E7ZbxLFpbSz_iArAZofEw2jWHz3qx6yYxwE2t_gAvUdzzOkOTZJzfSK7k4suq3pzD47W3u1GPHXEj5CDbHo1Q1YvJW1LuoRBcq18-ql7AozDBAY5YrUj8xN9rz3aZok7EnBYrqUvM95AJTJtH6HYpYWGTBaMWKA1E5370pRHIyMevobhSv3o1jQyGvlw1xkP9V9FTY_OMLcJ8LsrTa5-G4ix8E97ZYquP_IOxychpUoIOmfUmX2oKaFr4DBt7b4s_rfxUzMoFojfZ3MCO6YnuLASLyowxHzX07nWAENmWC_kBAUKWkz6M4I0YsKbwXXESCIm0anicVd8KHvExCW9-wmglR4tEcPL7AskUPQSAlq4uuJXNmkR7ardpAAKCKfg8GBqDv1DmpAlz4g4-gxsrp5Thcbwg316Ndy5-SrqbJ4mP86sKqnPHJEdEweAUWukdfWqEjPsCPqRXzctw4PJCKh6XTxyUt0Bg%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d72227469469148a5dd27f866700705446d0a328c63b2d33c413c72eeb3abb0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=uLuk4w==, md5=I0mcPkVD3AaInbbs4fztvQ==
date
Tue, 23 Nov 2021 06:14:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38056
cf-polished
qual=85, origFmt=jpeg, origSize=74970
x-guploader-uploadid
ADPycduLqPRlALOAcydjkyg5fv8A6yTgsUeIbVjiEaUuVDK-lPd1q8_OXq7EvbXxvbNGtNCIWEE07Cin1c1ZOnkOuPls14_ULQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17126
last-modified
Mon, 15 Nov 2021 10:23:58 GMT
server
cloudflare
etag
"23499c3e4543dc06889db6ece1fcedbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiCrUx%2Fez7zVaPOJ8MsD22XsIhF2VDZjGgIUdVIC0tn8IQ8luUKHYyzY3DS%2Fq0SqxL4KmrfjnES0ldP5%2BjXVmsGZxfCa%2BW6X0jkk5sxUNACUnHEIHKxyaxAIPYNQNs2a%2FfmYAsEag7FgRhJW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636971838729327
content-type
image/webp
expires
Wed, 24 Nov 2021 06:14:24 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74970
accept-ranges
bytes
cf-ray
6b2841d0b8800f66-MXP
cf-bgj
imgq:85,h2pri
sodar
pagead2.googlesyndication.com/pagead/ Frame B022
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1834331248052199&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1834331248052199&bg=!KCulK2_NAAZQLpa_UC47ACkAdvg8Wt3UcEnBM4GHaYdDV38tbPd8UlhcCjTWNLFajMVDX2AM7JUnlQIAAABzUgAAAAtoAQcKALD8HgO3xvnyGrimx58uJqZZMQIqcojO9eYfTSyUV5BNXmY7sFzZpmXtEoqV6T184l1xA_cvevYQLILve7WMLA-n95kGdeJxmn6NLLDWyjYLpZLZ8B1q-NWVWVsT4_lodR-CkfDSDQXPaeHug3nrp3oBOI-KJCte7Pkg2o4KMejz9CXZEi_GCgAivAybHtHOVtZuf2csioYXuhjslyMNSMI_WnMbtLcO6VkosQ_5aEWchpkCfBL-QfazfQx9yTK9rJBgyksUwj2mNjuYNcAyQ-R531pAtq7lPEdor8gJn_C8QICgWixqah9wJ8jIkW3YR4LcHoCpYCDjFFJr9AOtez_BlSDVWmzku9LUUwm4jh3lfsgM43mtwHMXL8sZC46JaBsIh1AtH-NYICW-4Qsz8w5Ao5NqKuzAkFdznjz3SFOQpFxHpCtCpNIWCfCP-IolkXQQEb6ijdk03SYxsKKvBjKlH4IdUUCC6z4DT2Y3JL6TuPDhe7IHbtc_PHVy7UwDDmsjWYfQZ2yL5ez4BmZ4lQlUcx2nOuLrSAQvT2IUQtMKSGDLQqGrJR8uqIWpcNL8W4fbO6Q5Y7kbMOpwPm8e78zs1Jki7RtElr-a9PMpafRyMsOJdb32l4fyXWUDFjxoYPCMWBHloz9WPQBW7UnIsigX2LNZU84MpfJRwSuQCMY9TuJzVbwkkYLU6cVgl1N2rKURIK7hJTRRbzTIZluoQXKKCQO3fYHjO5l8isBvD6gLn4HGF386TwNBD2fWr62Q64hPO0BiHXsnMKloAk0Jl-zfsBtKWJN3f-KUEsS5cfCOdk4C8wztSMqaLluLd430-TrGQoo9FpBjnVG5dy4JrmEdH6VHv1G8BhwUVO2-dHRQ9q9h862tS_d_oTZ21Wm9tS9SCkgcRZYjU9_EvjAy9_OXE8eR6qS1hLXDJjpxU9rSmlOcOtabIDQqz5zLZyLoMyd10a-MTSkCDpC-8XxzcgnytC_7NHb_d3SbMPDI77hJOX75SBbqpn5hKgyuyfj3BK7N9rHK0Acz4vhxf1heVr8mGXMMZ2fua4GTFUpZP_IXrO96pk1Y-UjShzxJ8nCgfA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14128963883710659553
tpc.googlesyndication.com/simgad/ Frame AA23
37 KB
37 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14128963883710659553?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkXSw9KfbK6auIwwyOou-VNbPI0nQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7786ffffd2d5c1bb9effc0a8d5073676e1303c55da58c48983b44a49fc817bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37542
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 00:30:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Nov 2022 06:14:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame AA23
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:06:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AA23
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 05:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 05:59:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AA23
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIs7av4acYb7IMqWTx_APoquj6ATH-4axZpav0teDD63RveDkCRABILyb1WNgu76ug9AKoAGmieuMA8gBAqgDAcgDyQSqBJMCT9C2mcR-S2PrS11PRcc2vAfWX8episKF1FuKiOMCXOn2mjLpOe1ibHzmNDZu0UYGqCqoVBz3wZg9PXd8SorqW9-5qmNJC7I8x-ULVJHclVxuJqAbnkQbeT1ewQVWTiAksuAjNjTb72FtJ1feFMY-hI6Oao6ixsm1ooTc9PKwjPUMeYVMkOCNwQRRKxHQpksRbk4BMtr1T8LF2TsK8B_I0UtLxDjynjVVeSl9pK_lmj0masegKIaxe4lSrp3TAKQo3zuDjqXxjTW0jG2eVNFqj6In6OIFBXv4DMjWiQMBjrqXsvaa8yDQVspQdePriZziSJukE1wr8Rdnz8zyg74M3vVTdnT-FnxNvPQC9uQ40KsfMMbABJzV-ZzjA5IFBAgEGAGSBQQIBRgEoAYCgAf7887hAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOGCCtIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03MzA3MzU1NDE4MzgxOTI5GAA&sigh=mufCSjMpdbc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 23 Nov 2021 06:14:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA23
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Nov 2021 06:14:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AA23
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:08:25 GMT
l
www.google.com/ads/measurement/ Frame AA23
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_FN8wZLniQIMNKM4nTqmR3Q63O7euYN_ldieYfJFgF8APnMa5o8iYQ1Z6JvS132goZeubRv5WXT9OupQPHxr1OL-5xw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AA23
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 18:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 18:55:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1633
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 05:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 05:59:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1633
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Nov 2021 06:14:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1633
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Dec 2021 06:08:25 GMT
l
www.google.com/ads/measurement/ Frame 1633
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQU8O3zxOUgNuPipwZL6Vd8AXjSOv06Yuu3zmswA9y4y28o642KXdh3jNYWrJlf9jIpqDSjuHLer4F1gmbITETh6QQzXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
93 KB
22 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a038e29db220dc6ff8c7b2ff7242bd2a3407f4b818cd5203a5dd5bbf6c3acc4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Sat, 20 Nov 2021 00:39:54 GMT
expires
Sun, 20 Nov 2022 00:39:54 GMT
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
22363
age
279270
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 1633
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvTwCv4acYaeXMpavgQfAp46ADPmmkMJV8YWc7MIOv-EeEAEgvJvVY2C7vq6D0AqgAa3XgZsDyAEJqQK1VpLkbtuyPqgDAcgDAqoEpgJP0Neh3LjJH8lAd9U1ClOkAiibV7KJJb8OuMnchTjkz4cHSZgkCn7GnMeHU0XxFNidlNwMtU5f_VaBP_7U9BJ0TdoiC-bUK_7Vbt_j4pbTgYt9gUv64wgWYcF0tsJ2mXmrl2dG1L2FKBLgiGHLD_AyEFulVdjFflpuaZRosxQggpce1jHYMK65qCyBwe-9Ix8TZyV2IJiGgpkMJu9owOMMS1qFBR1tct4yUeed_C8l39ZFJ-W3Y_hvCDJ6mkjBD2sSYwPR9oQIuS50jGplEEDeJ_oXJM9VTFXtvieTDchQhaPR0-Bo_jHHrwjxzHAFuvsQkj4nUT_uvNJSubC98Y1uicFZn7COJ-vJMAOJstPAGXnzOK_OhGtKAACJYQakCUzZYSmlBIXABI7zmPrOA5IFBAgEGAGSBQQIBRgEoAZdgAe7qP5kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQsIUc0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTczMDczNTU0MTgzODE5MjkYAA&sigh=RewGchZzWdg&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 23 Nov 2021 06:14:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame EAA3
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 23 Nov 2021 06:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1633
0
20 B
Other
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COfy8bjqrfQCFZZX4AodwJMDwA&gqi=v4acYYPKMYeP7_UPpqioyAs&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 08E3
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 23 Nov 2021 06:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15A0
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 23 Nov 2021 05:53:44 GMT
expires
Wed, 24 Nov 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1240
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 1A6A
2 KB
537 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 06:09:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 06:14:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 06:14:24 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A6A
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 04:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Nov 2021 04:22:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A6A
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 23 Nov 2021 14:22:06 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EAA3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:24 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 15A0
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp5R3dRQUFCVkN4YmpAZw&google_push=AYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz5D6rQnhJYj4BjhuWpAlrhJ2PsTya3cPeyrIEYXh-9ElNo-TZO1HrC3CpM
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp5R3dRQUFCVkN4YmpAZw&google_push=AYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz5D6rQnhJYj4BjhuWpAlrhJ2PsTya3cPeyrIEYXh-9ElNo-TZO1HrC3CpM
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp5R3dRQUFCVkN4YmpAZw&google_push=AYg5qPL-zZPYz25ESQ0kJNsjg3IkCHpYsILpsXjjkWz5D6rQnhJYj4BjhuWpAlrhJ2PsTya3cPeyrIEYXh-9ElNo-TZO1HrC3CpM
Date
Tue, 23 Nov 2021 06:14:25 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
466606.gif
id.rlcdn.com/ Frame 15A0
42 B
316 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIib2zsyL1WWntDx813U9UFadAjhORUTxPl6AG_GmQil2qFQImmN8I1H_jPFReI__U9HhoiF6VZijwQyf6lqMtGHv8XYzc&google_gid=CAESEPo5FpCKnMji9atNE8PpUV4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Nov 2021 06:14:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 15A0
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMAAUfjVsMslZD6WcYgD-Sk&google_cver=1&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:23 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLlYt5F9SgfO8xLRVvTVMHfvM6bU8ETB13H_8Yx4oK8Xz9-Ft1XZz_g1-Ahxl9qtI7UTb5jG83IP2AsdNQwKHvx-F3upP42&google_hm=tmKzcL-OzfsMzL1nL0gb8Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
n0ropppvsqe45ababgdnmqnn86b67dnt
pixel
cm.g.doubleclick.net/ Frame 15A0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL8R0O98038nrD2Z_kK516MQ1ldZelBf-kxPglgCZPQgsOFRty0mPjqHNlzNCGmaqKqaXR0W3OhlS9VOd-2I70pqHVjioTa
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=S4moPxEWS6meIx-JeBeGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL8R0O98038nrD2Z_kK516MQ1ldZelBf-kxPglgCZPQgsOFRty0mPjqHNlzNCGmaqKqaXR0W3OhlS9VOd-2I70pqHVjioTa
date
Tue, 23 Nov 2021 06:14:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 15A0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENzk4-dIGr8dAIF0p0jZX-M&google_cver=1&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERIVlQtMUEtNzBITw==&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ4KznDyIutCHZ2vxU_ZLpwrffH
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERIVlQtMUEtNzBITw==&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ4KznDyIutCHZ2vxU_ZLpwrffH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCUERIVlQtMUEtNzBITw==&google_push=AYg5qPJ0eZbylZDGSLVeutAnH3tkhl3ppAPZcZHgpyZSYBuhInZWqGIlmk5X2PY3mu8Tv_xdjNJ4KznDyIutCHZ2vxU_ZLpwrffH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 15A0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAE...
0
0

trk
ag.innovid.com/ Frame 15A0
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPoKnF6sR_LX1vSRgF1yMmM&google_cver=1&google_push=AYg5qPI8pwNrrJO9SJyNKEIlTWe8LjKnSXuYROIYN0IUUGfFNlmJxNMLXZXvzJwvqQN1GHz8xkAQ8dmSJkIut0K-qjpy4JhO1i_I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:9b42:ec:9152:470a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:24 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 15A0
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeepIT3D7iRT1WSFUc7zI9mRi50yOuNoUJbZffWLhbXQPk9Ij0bCRACAILkbya4440bNqo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:14:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 08E3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 23 Nov 2021 06:14:24 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 23 Nov 2021 06:14:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1633
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d97fff25c2ff284b3d84079abc3b36aeb8d0aab2125d2ddd4c9ffa2d0a9115f9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AA23
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f06c29317cacaf74d42e96730f6ddcb0d23e17448d8f36346f4135bf1002aeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1A6A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
484122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:45:42 GMT
Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
576233
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25925
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Tue, 16 Nov 2021 14:10:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 16 Nov 2022 14:10:31 GMT
learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3852
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Fri, 19 Nov 2021 23:03:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Nov 2022 23:03:31 GMT
goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
60 KB
60 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
530377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61664
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Wed, 17 Nov 2021 02:54:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Nov 2022 02:54:47 GMT
truncated
/ Frame 1A6A
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3852
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Fri, 19 Nov 2021 23:03:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Nov 2022 23:03:31 GMT
Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
576233
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25925
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Tue, 16 Nov 2021 14:10:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 16 Nov 2022 14:10:31 GMT
goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 1A6A
60 KB
60 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
530377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61664
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 10:22:28 GMT
server
sffe
date
Wed, 17 Nov 2021 02:54:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Nov 2022 02:54:47 GMT
Emotet-map.jpg
i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/
7 KB
7 KB
Image
General
Full URL
https://i1.wp.com/mediacyber.id/wp-content/uploads/2021/11/Emotet-map.jpg?fit=1200%2C600&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a8759daf40dbd928d0ec22f7b6650d003b71eb619b0219130f81ff422b448be0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 5
date
Tue, 23 Nov 2021 06:14:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:26 GMT
server
nginx
etag
"35e8736abc6520b3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/11/Emotet-map.jpg>; rel="canonical"
content-length
7464
expires
Thu, 23 Nov 2023 18:14:26 GMT
Emotet.jpg
i1.wp.com/mediacyber.id/wp-content/uploads/2021/01/
10 KB
10 KB
Image
General
Full URL
https://i1.wp.com/mediacyber.id/wp-content/uploads/2021/01/Emotet.jpg?fit=1200%2C469&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ccb443a4ad73ccce6d21f3ed018dbc2f8f65889ff217ac68850d99f602768d4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 3
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:24 GMT
server
nginx
etag
"ebbb4402de1138d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/01/Emotet.jpg>; rel="canonical"
content-length
10224
expires
Thu, 23 Nov 2023 18:14:24 GMT
Emotet-map.jpg
i0.wp.com/mediacyber.id/wp-content/uploads/2021/01/
7 KB
7 KB
Image
General
Full URL
https://i0.wp.com/mediacyber.id/wp-content/uploads/2021/01/Emotet-map.jpg?fit=1200%2C600&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d657f71582a4d01813828e3d7bd6925497e604e57355eca30c3c9ca49a393062
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mediacyber.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
MISS lhr 6
date
Tue, 23 Nov 2021 06:14:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Nov 2021 06:14:24 GMT
server
nginx
etag
"9e575d600453f207"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mediacyber.id/wp-content/uploads/2021/01/Emotet-map.jpg>; rel="canonical"
content-length
7460
expires
Thu, 23 Nov 2023 18:14:24 GMT
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 647E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=60&slotname=5930711040&adk=2026082355&adf=1737328691&pi=t.ma~as.5930711040&w=468&lmt=1637648063&psa=1&format=468x60&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063839&bpp=1&bdt=4412&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280%2C728x90&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=380&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=i7NP6RIbUK&p=https%3A//mediacyber.id&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:29:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1633
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpxXn4gf7JGwotb96Q8wj3tqw5s6eFtaF1Q8KyLt-RKwQYtSl3rPWWUY6bhfeLFV-jifaT3x_9Xc5-GUr4Gn8YXj2cu-_fEAxkasuQP1h_Kk0AXWY1LPN-Dza_EJwH4JGqZAY8zNgNvh2C&sai=AMfl-YRZVYfJCuEZsyrJaPSBLQjXmh3UwUxFksqG4tNEYgfooC-8M5OcPZzF47si4iPiSzA9n2EeM_MFHnL_n1vn9i9w1rJrPeSgz4BB4_NVG3LTEmzrMWcD5J4mjKw&sig=Cg0ArKJSzBVFqngKrVvvEAE&cid=CAASF-Ro4S3tvVwlfHofobcREGVR7wEfrCJ6&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=457726996&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637648063838&rpt=940&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 06:14:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAEhFrm_kZ58LKiaSyO2ebjA8KESXTJrzJewY0eH17wG1p3XYnV8gh8vCC8-rKT9T6

Verdicts & Comments

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings object| related_posts_js_options undefined| $ function| jQuery object| cnArgs function| gtag object| dataLayer object| tdb_globals object| tdwGlobal object| tdaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| td_screen_width object| 
block_tdi_3 object| block_tdi_7 object| block_tdi_9 object| google_tag_manager function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| _ object| tdsLeads object| tdbAutoload object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData number| google_lpabyc object| twemoji object| wp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| 
td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| fifuImageVars function| disableClick function| disableLink function| fifu_fix_gallery_height object| _stq function| st_go function| linktracker_init object| wpcom object| googletag object| GoogleGcLKhOms object| google_image_requests

22 Cookies

Domain/Path Name / Value
.mediacyber.id/ Name: __gads
Value: ID=1187c1772951feb7-220ef1ebeccb00e0:T=1637648062:RT=1637648062:S=ALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw
.mediacyber.id/ Name: _gid
Value: GA1.2.356608468.1637648063
.mediacyber.id/ Name: _gat_gtag_UA_60148533_4
Value: 1
.mediacyber.id/ Name: _ga_WJM17ZNQST
Value: GS1.1.1637648062.1.0.1637648062.0
.mediacyber.id/ Name: _ga
Value: GA1.1.677717467.1637648062
.doubleclick.net/ Name: IDE
Value: AHWqTUnA5SCCLFSeqx4yYlxnrSqVmKwZ9Vsn2n8FvOyxj2J6SRR-e67nW9wyap9X4vw
.adnxs.com/ Name: uuid2
Value: 1970559469930947083
.casalemedia.com/ Name: CMID
Value: YZyGvy2v5OEZrNEtbWqYyAAA
.casalemedia.com/ Name: CMPS
Value: 1853
.casalemedia.com/ Name: CMPRO
Value: 667
.openx.net/ Name: i
Value: ba980615-bf8f-4b22-b06e-3938987612b6|1637648063
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlljwzPf!]tbPl1M>e)ZlrFUfJ+tGXxo@9!DqJ>nWfP_@RO6Kf/xbHSA>)Yvqzi>LeQ/%nugO%v4VB%noDo*:gJ-
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.rlcdn.com/ Name: pxrc
Value: CL+N8owGEgUI6AcQABIGCOndKhAA
.quantserve.com/ Name: d
Value: EFkBCQHlJIEA
.quantserve.com/ Name: mc
Value: 619c86bf-a8015-fd000-98d7b
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4B89A83F-1116-4BA9-9E23-1F89781786BE
.casalemedia.com/ Name: CMRUM3
Value: 2d619c86bf2760CAESELqBoMb5TDYH2x_ON8yfgr8
.rlcdn.com/ Name: rlas3
Value: 23ESUJp1DzheV/D2ZA/iSCHiKiayS1eFdBrtlehI78w=
.casalemedia.com/ Name: CMST
Value: YZyGv2GchsAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.innovid.com/ Name: uuid
Value: aad969db-9100-4ecf-81f8-1649b22e64e5-20211123 01:14:24

208 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPLU7D7gZ6wmoSzjSUtJJsabT3JwIT4sgN2qwqu2C3kUSnRbp3tsyXzXris8iVHcoEKrN-V6wGn29AK-OcyaE3-sx4bEyWzHjA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7307355418381929&output=html&h=90&slotname=4937810024&adk=457726996&adf=1183505835&pi=t.ma~as.4937810024&w=728&lmt=1637648063&psa=1&format=728x90&url=https%3A%2F%2Fmediacyber.id%2Fcomeback-botnet-emotet-didalangi-oleh-geng-conti-ransomware%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637648063832&bpp=1&bdt=4404&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1187c1772951feb7-220ef1ebeccb00e0%3AT%3D1637648062%3ART%3D1637648062%3AS%3DALNI_MYUDL-VVqjvow6ZeW90ZUSQAbWBmw&prev_fmts=0x0%2C696x280%2C696x280%2C535x280%2C1200x280&nras=5&correlator=6853722120038&frm=20&pv=1&ga_vid=677717467.1637648062&ga_sid=1637648062&ga_hid=121174941&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31062937%2C31063735%2C31063792&oid=2&pvsid=1834331248052199&pem=573&tmod=147617734&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xi7xtnQN3C&p=https%3A//mediacyber.id&dtd=5
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17368370350617788416/index.html".
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZyGvy2v5OEZrNEtbWqYyAAAApsAAAAB&google_cver=1&google_gid=CAESEMNzHb4tJRR5dwOwEasz--0&google_push=AYg5qPL39tVVy_EGLOvKI4vchntos0_jCuzAEhFrm_kZ58LKiaSyO2ebjA8KESXTJrzJewY0eH17wG1p3XYnV8gh8vCC8-rKT9T6
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
