mkomsel.com Open in urlscan Pro
2606:4700:e4::ac40:a423 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/Vidioviraldycu7ozwghqxhxK
Effective URL:
https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Submission: On January 18 via manual (January 18th 2022, 1:06:33 am UTC) from ID — Scanned from DE

Summary HTTP 144 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 20 domains to perform 144 HTTP transactions. The main IP is 2606:4700:e4::ac40:a423, located in United States and belongs to CLOUDFLARENET, US. The main domain is mkomsel.com. The Cisco Umbrella rank of the primary domain is 559165.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2021. Valid for: a year.

This is the only time mkomsel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:5384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.212.202.252 13.212.202.252	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:e4:... 2606:4700:e4::ac40:a423	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 7	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:ca00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a03:2880:f00... 2a03:2880:f00a:11c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f00... 2a03:2880:f00a:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
144	29

1 2606:4700:20::ac43:5384 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.212.202.252 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com

safefileku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e4::ac40:a423 (United States)

ASN13335 (CLOUDFLARENET, US)

mkomsel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ca00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00a:11c:face:b00c:0:3 (Kista, Sweden)

ASN32934 (FACEBOOK, US)

scontent-arn2-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00a:e:face:b00c:0:3 (Kista, Sweden)

ASN32934 (FACEBOOK, US)

scontent-arn2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	444 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.eu.criteo.net — Cisco Umbrella Rank: 7730 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	53 KB
16	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 639 scontent-arn2-2.xx.fbcdn.net — Cisco Umbrella Rank: 90965 scontent-arn2-1.xx.fbcdn.net — Cisco Umbrella Rank: 58927	762 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	133 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	539 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	24 KB
7	mkomsel.com mkomsel.com — Cisco Umbrella Rank: 559165	89 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	186 KB
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 98	32 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834	58 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
3	safefileku.com 1 redirects safefileku.com — Cisco Umbrella Rank: 765344	14 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	172 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1576	462 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	642 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	344 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	62 KB
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 71326	492 B
144	20

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net mkomsel.com tpc.googlesyndication.com pagead2.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	mkomsel.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	pix.eu.criteo.net	ads.eu.criteo.com
10	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	static.criteo.net	ads.eu.criteo.com
7	www.google.com	2 redirects mkomsel.com www.gstatic.com www.google.com tpc.googlesyndication.com
7	mkomsel.com	mkomsel.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	scontent-arn2-2.xx.fbcdn.net	www.facebook.com
4	www.facebook.com	2 redirects mkomsel.com connect.facebook.net
3	scontent-arn2-1.xx.fbcdn.net	www.facebook.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	www.google.com fonts.googleapis.com
3	safefileku.com	1 redirects mkomsel.com
2	s0.2mdn.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	mkomsel.com connect.facebook.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	googleads4.g.doubleclick.net	mkomsel.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mkomsel.com
1	is.gd	1 redirects
144	30

This site contains links to these domains. Also see Links.

Domain
safefileku.com
www.facebook.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-03` - `2022-04-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
safefileku.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-27` - `2022-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Frame ID: 85A51293FB1424F85B5E22AF416FB459
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 87AA99B031321D21E2A47826A8EC6E41
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=a9p8wqgdkp14
Frame ID: 5E31DF8E894AC80288ADF5A16C00D649
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1642467987&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987699&bpp=2&bdt=362&idt=197&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1153041639742&frm=20&pv=2&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213
Frame ID: 4FC12B2D34DB58BC47458D35C18F1569
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1642467987&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987701&bpp=1&bdt=364&idt=215&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IoLysd7Zdu&p=https%3A//mkomsel.com&dtd=218
Frame ID: 3E7AEAEFC2899D38E79A08B939AC08C4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221
Frame ID: C2031997519D12BE1559110529D7865C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987704&bpp=1&bdt=368&idt=222&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HLVVQ1O6ZV&p=https%3A//mkomsel.com&dtd=223
Frame ID: 14B67C6C11435AAD9C6024417585306D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Frame ID: 93698F1547FA8A395DA1D9713A4F6E0F
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YeYSkwAPAqgIu8XFAA9y19vXsVGaTLnC-Erk6g&u=%7C%2BnNam1pS%2FNyTaZJxqcLPQ1HNA5M4z73vqmzm9OiKVGg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy0Duxw-twqt7vJGG2MF_oAqC3U4f0EZktacoe_GbXFg_j71UnsRc29DlxW0ug0lYy4PH5fx0wfVIKXXISip7Sf-Oo-NvdvfLcZyuQgB7ZMKpWjFxK2EEK13acNPNIK70vBItCzEiFawAlTGyxrAAvu1EX-lY45A94QRb-I5wvGJKV7YyhF3w80TW04_Zwz3nLx2WV93L1HdsM7y0H_1jhqe4RqtxL0re2bgfnbyd8nSn4b54PqYSI-Qid2imw_lhIUp4g95WTaD1MGTnIVmpQKSOJ7HCoBuTxMB_trgPNkRoo-nTzjiSUqz5Ho5EVhWlZuYUYr937GickZ4gNzQH4RNrAbDXbgqILYyy19EnuZLxnIYZj0UeGHhlf6wMXg6GWWyCQbSdsj1v&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOoCOkxLmYaiFPMWL7_UP1-W9UMme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTkzMzM2MjM0Njg4NjU2NqAB1bbS6gPIAQmpAs7gd5C8IrM-qAMBqgT0AU_QeUCbR5SvXeRSMhjU_pcLlV-o3tdRz828v1uZYto7A5DnRLXzXYkB7jhDbxh3Wm-uUzjyA-e8xUCCWyyRNBYKU36SAVNd2OFfaPTta4BkGY9GaZM_eEBY06_RAHxzAOrNpiLfrPk32EyXfnXZRxoizsi20_T5OMmlXfA23xw7l_NrJKnFdR21i4_pIfB3ENEqCa1IYfNKFLKWqncRnpp2SzGzVKGksPEgbDnypBC52IcAIKZ5_pnmfxRAiBnS5-YZJ2VAOcEYO1YG3ftEqN4fGzsKCNtpa58_dIDFr6VhRZWzytld7zqylme1aQjcKUIh-K2ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hEKwVsB4vrMtdBvoMiuJbjNyaRQ%26client%3Dca-pub-5933362346886566%26adurl%3D
Frame ID: 84D62807EB17F888808F1DC408F40059
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5881F19BD820E3B917FB2744AF3452A1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2A211FC0EC5597252CFCC255E3A4B1A8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06F9389430C4A54B10365E960208A99E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F94DCE81E5B416B50BA8EE994E10347A
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 81714EB25C103944A5D7DC5191BA79F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D718BC23A98677D6573689F0B5073A55
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 7A64714DA88C0E50A7407CB1223B9FF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 7ADB5960C7F2D722C82A716646B08576
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Frame ID: 17572504ED8BF4645F7429A4C4198F92
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC1997784BE5CCB1A449BDFA84524B8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44337C82B38FE7E94387F1A1A01BF652
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vidiomesiafire0101.mp4 - SafefilekU

Page URL History Show full URLs

https://is.gd/Vidioviraldycu7ozwghqxhxK HTTP 301
https://safefileku.com/download/Ol1kFRlUjNlLeAs HTTP 302
https://mkomsel.com/download/Ol1kFRlUjNlLeAs Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

144
Requests

99 %
HTTPS

79 %
IPv6

20
Domains

30
Subdomains

29
IPs

5
Countries

2655 kB
Transfer

7222 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://safefileku.com/

Search URL Search Domain Scan URL

URL: https://safefileku.com/register
Title: Join us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs
Title: Tweet

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&description=Download+Vidiomesiafire0101.mp4
Title: Pin

Search URL Search Domain Scan URL

URL: https://safefileku.com/report?fid=Ol1kFRlUjNlLeAs
Title: Report file

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/dmca
Title: DMCA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/Vidioviraldycu7ozwghqxhxK HTTP 301
https://safefileku.com/download/Ol1kFRlUjNlLeAs HTTP 302
https://mkomsel.com/download/Ol1kFRlUjNlLeAs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

144 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Ol1kFRlUjNlLeAs Show response
mkomsel.com/download/
Redirect Chain

https://is.gd/Vidioviraldycu7ozwghqxhxK
https://safefileku.com/download/Ol1kFRlUjNlLeAs
https://mkomsel.com/download/Ol1kFRlUjNlLeAs

17 KB
6 KB

831ms
799ms

Document
text/html

2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: ce6fab7309badc173e5d937b70d67b0f2fb7263e75db65e73fd3256784177714

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.27
cache-control: max-age=31536000, public
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2B7RjZ6lw6S8saynjAF75KXhjtlO4iwWAF9sonK1pOLd13Hz66rdAHUu%2FtKYQBe8na2ehGnaYLz%2FGzib%2FOaH%2FkdbIFDNbA9iAB%2F5LR04sNEk%2FaYCG0l0pr%2FdtHtJRVxBq4YoQxYdry5Wmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf3ebb3df7d4401-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Tue, 18 Jan 2022 01:06:26 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.27
Cache-Control: no-cache, private
Location: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
mkomsel.com/download/assets/libs/bootstrap/css/ 158 KB
25 KB 19ms
18ms Stylesheet
text/css 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/bootstrap/css/bootstrap.min.css
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 771973
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Sep 2021 04:48:00 GMT
server: cloudflare
etag: W/"61402980-27681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWfiHwKUpF3nrM%2BwVrp1yGLWDJnwzCZ5lkJdvjxjY20wJM2udU6lVksYUXBzyAT3g92gPnXVN24FJsO91d0HBfnpJB%2Bs9jPnNNrPmhzCmbHgcQDLerw3RvhPkxhRyDktlgfmgTFHEkRGVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7776000
cf-ray: 6cf3ebb90f564401-FRA
expires: Sat, 09 Apr 2022 02:40:14 GMT

GET
H2 200 app.min.css
mkomsel.com/download/assets/css/ 10 KB
3 KB 15ms
14ms Stylesheet
text/css 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/css/app.min.css?v=0.2
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7107049
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Sep 2021 04:48:00 GMT
server: cloudflare
etag: W/"61402980-290a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiLb1vA0rHgREKpRKge6dAX4pcOfu6mXbK8A7I1lfs9r3a92WVyMHKvKorEXgGzEffDhC9337TGrkEw0cFn9NXHDawmC6%2Br5p4IuSaVOJMgPADOXvc898Y194i6qsR6NEkkbtPnXKP2JqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7776000
cf-ray: 6cf3ebb90f574401-FRA
expires: Tue, 25 Jan 2022 18:55:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 158ms
77ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d99150881703fc83ba5c3b2b65fde3184d93b33e81bfe8fa6c2177cdbc122a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51979
x-xss-protection: 0
server: cafe
etag: 16056205043463195823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 01:06:27 GMT

GET
H2 200 invisible.js Show response
mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/ 40 KB
15 KB 49ms
47ms Script
text/javascript 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6109228bb361aa5d317df98355de600d6da2cf7995da9f5c335481e97a664f4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuQ48fJpiwR8cScdoro5RmrK2MZze8DuQEy%2FKALbQZ7vH4mk22qPl7BYnMsV%2FUlA5pjQw0AlQVycteuk9nwzdy6iKvkssa52uCstPwxG%2FiWYDbh%2FA4vxHOvnI8y%2FcT6C1zQcHSZ1b5TGzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6cf3ebb92f854401-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK logo.svg
safefileku.com/images/main/ 11 KB
11 KB 166ms
165ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/images/main/logo.svg
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 01:06:27 GMT
Last-Modified: Sun, 16 Jan 2022 06:20:06 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
ETag: "2ad6-5d5ad06fcb362"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10966

GET
H/1.1 200
OK mp4
safefileku.com/icon/ 1 KB
2 KB 184ms
183ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/icon/mp4
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d / PHP/7.4.27
Resource Hash: 00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 01:06:27 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.27
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d87c7104899de0c27acfcebd6c1c8dd0ea4592e009adebc652d58018b77571f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vyF+YQa7ZbCyhxBjCX+3pA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: kWDteGa13610uA4pOYaqwMcK5lyt2lseKbcWrr/x6ftQB9IA+CDLGr5qKDKyfueLavt8lM6e4tM/4iMioPSonQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 630b285073f3a8df32a4d4631202d0e8
x-frame-options: DENY
date: Tue, 18 Jan 2022 01:06:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4d83bedc50c3125ef7d5b3c7da0cb6bd"
timing-allow-origin: *
expires: Tue, 18 Jan 2022 01:18:00 GMT

GET
H2 200 jquery.min.js Show response
mkomsel.com/download/assets/libs/jquery/dist/ 87 KB
32 KB 19ms
19ms Script
application/javascript 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/jquery/dist/jquery.min.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7666629
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Sep 2021 04:48:00 GMT
server: cloudflare
etag: W/"61402980-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE%2B%2FBDiZ8ORYkhpWST7X1Nb69E5pQK29ebRDtpBKQ16HzHzrnP8%2Fwaqz79EONNOl4j4L6I4YDkyXpNMnTAvBa1dNj20IdSqLycE%2FcA%2FInd7fykFa7ldvy6TUuPq0%2BLzTa6WlpHqjEdMVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7776000
cf-ray: 6cf3ebb91f6d4401-FRA
expires: Wed, 19 Jan 2022 07:29:18 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 134ms
49ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47d6a05d6ad84b1c213f47647d1fb89523cf96bf0611728d5fc453fb89c83e23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 01:06:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
62 KB 356ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

148bca24aad00019c6b2be273d63157d6e292007d16c542dff2fb676d6853ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62536
x-xss-protection: 0
expires: Tue, 18 Jan 2022 01:06:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fb438dbf705a78bbd6ee4457ef20ce19

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e6bc8999b8d3a5c7911737f7dfb127326a149a6f57196b2c7ca559b992de872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AyLv0ROOHZyepMQxdgbMxw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
expires: Wed, 18 Jan 2023 00:02:45 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82070
x-fb-rlafr: 0
x-fb-debug: MmPx2Jj8cbmU9Z2sKGhsX95pEIvA2WngGt67Lca8d0jyuIEfJ5qo5PSNw7WLFiKCL4hYmsM2dd2+DtV30FkNdw==
x-fb-trip-id: 917726464
x-fb-content-md5: 6eb03747a3b8183ad50342964e26e5ef
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 18 Jan 2022 01:06:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c6d14946d4289ea0fcf8285be836b53c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pica.js
mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/ 24 KB
9 KB 18ms
18ms Other
text/javascript 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e03a1d78851f102c9fce8dafe2cd91c8c695ef149e705e793a742db43d84a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DGxVG%2FjQn49oO1zyHvjdJJ9unwWBbz5DfW4vwS7bCYPoQ6W%2BEFaYNuUnZFNMtlb2F5tZy%2FkWgkuag%2F4DzstBBCwAckaaxr%2BWbnyd3INvVY4sLyYBL2eEqgbDLEmSrwocacO0bxn%2BGLZZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6cf3ebb998064401-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 210ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1026262167543273&ev=fb_page_view&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&rl=&if=false&ts=1642467987485&sw=1600&sh=1200&at=

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 18 Jan 2022 01:06:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 354 KB
140 KB 207ms
36ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 19:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 19:00:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ 284 KB
102 KB 115ms
71ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com&bust=31064093

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a8a61c0ae283ffa3409ca9ab2319283568f49e2f58be536699b087741639f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104506
x-xss-protection: 0
server: cafe
etag: 479520575480754272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 01:06:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 87AA 11 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Mon, 17 Jan 2022 02:05:13 GMT
expires: Mon, 31 Jan 2022 02:05:13 GMT
cache-control: public, max-age=1209600
age: 82874
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 132ms
45ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J72KJ758XE&gtm=2oe1c0&_p=1753114849&sr=1600x1200&ul=en-us&cid=802485236.1642467988&_s=1&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&dt=Vidiomesiafire0101.mp4%20-%20SafefilekU&sid=1642467987&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mkomsel.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mkomsel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5E31 40 KB
21 KB 106ms
58ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=a9p8wqgdkp14

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51b322c24470da6d14f47e3d8b7cc2fdaa83f755d18007366025b870f7a4874f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TpiJ+QOasfg/jizXlUrxqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Jan 2022 01:06:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-TpiJ+QOasfg/jizXlUrxqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21095
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
642 B 131ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mkomsel.com&callback=_gfp_s_&client=ca-pub-5933362346886566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com&bust=31064093

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d6bfeb6e147f4bc5795c0088b84ca30381bba6366744d5627254dbdac57f26fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 139ms
46ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FC1 225 KB
60 KB 459ms
416ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1642467987&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987699&bpp=2&bdt=362&idt=197&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1153041639742&frm=20&pv=2&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a55de880d6a7f3948ec6287dde281107f7b81db2b05e856a1c79a624ba928e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 60952
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:28 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E7A 66 KB
22 KB 393ms
355ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1642467987&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987701&bpp=1&bdt=364&idt=215&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IoLysd7Zdu&p=https%3A//mkomsel.com&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44f4c6080f3888195b895a8e4083808d50dc927941e7240b02d4b4abba224583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 22717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:28 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C203 70 KB
27 KB 737ms
703ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87516bc146d3c25b656c67a640cde4bc183c97de27bca9ee11eef02d28c6f796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 27623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:28 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14B6 22 KB
9 KB 516ms
485ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987704&bpp=1&bdt=368&idt=222&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HLVVQ1O6ZV&p=https%3A//mkomsel.com&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c428b0c62a59fd1d7e081a5ce956c099472b7287507ba455423780e9666910e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 9423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:28 GMT
cache-control: private

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 5E31 51 KB
24 KB 81ms
37ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=a9p8wqgdkp14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 16:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:58:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 5E31 354 KB
140 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 19:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 19:00:50 GMT

GET
DATA 200
OK truncated
/ Frame 5E31 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5E31 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5E31 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:03:19 GMT
x-content-type-options: nosniff
age: 324189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 21 Jan 2022 07:03:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E31 15 KB
16 KB 124ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 568103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 11:18:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5E31 102 B
133 B 47ms
47ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=a9p8wqgdkp14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9369 7 KB
1 KB 53ms
52ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c489de434fde67ccb8c3978dc224f3e87e1dde31135a93e5f741a44c73b2954c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gJixlFYsPn+mZI3zLGZAKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Jan 2022 01:06:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-gJixlFYsPn+mZI3zLGZAKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 3E7A 4 KB
1 KB 133ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1642467987&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987701&bpp=1&bdt=364&idt=215&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IoLysd7Zdu&p=https%3A//mkomsel.com&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 00:52:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 01:06:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3E7A 1 KB
955 B 135ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:30:15 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 3E7A 19 KB
8 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:52:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3E7A 2 KB
1 KB 134ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 01:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E7A 121 KB
38 KB 141ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3E7A 15 KB
6 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:59:34 GMT

GET
H3 200 b08052bb948632636d2eb594b39baf17.js Show response
www.gstatic.com/mysidia/ Frame 3E7A 27 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11476
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 08:34:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 15:07:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E7A 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce28RkxLmYaz3O5aI7_UP0qaOoALeyoOvZ4rXo4ugDvAuEAEg7KqaRGCV4pCCoAegAdub1M4ByAEGqQLO4HeQvCKzPqgDAaoE-QFP0KFVs2M8XhJe4D889EWyW8vZ3SnW4acTW2E13ZDtHuVcNa2CXE_VxOwtL7gxR-xNSV384qhTi1vNAeiOV-qbc1ZQV7TPbKfnD5TWq1_MwE26_WdiR0UZQmZ_3dnu1skcdKe02wdpC1Wkn5vPAxLMzmLODvQVIly5NMikyjwcjf96m7sJE42Ij7StTPPOYWHW2BLrIM3kPAFgLGuEI7ExrBUF4y-ZWBPlflhz5_CjSjxop3IVgRYmT4hPBob_0ScGeSBjy1hjiwVb53slXWR6v8eLHAmmVlWY56msAGTC-2IupG77-Qc41AI3cUzmu9j5I_wCCMnewxXABO3GsqPQA-AEA4gFlqD2_DOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB43kq7ECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwoQh8EIGKPkh7AB0ggJCIDhgBAQARgfgAoByAsBsBPY79oNyBPPitvdA9gTCogUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi01OTMzMzYyMzQ2ODg2NTY2GAA&sigh=CcfImlZKfwQ&uach_m=[UACH]&cid=CAQSGwCNIrLMXaLSP_gIyXVETLQ2znJRL954P-YH8Q&template_id=509&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1642467987&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987701&bpp=1&bdt=364&idt=215&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IoLysd7Zdu&p=https%3A//mkomsel.com&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 18 Jan 2022 01:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E7A 42 B
65 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALsv4Gz8YscDFFa9OTK3nfV82jwzZYB-kxSy38n3YTMJthNEUPU7lVf2Rd-DTld92XtCWvV6raCtCGSNxDAbeI4ESVEQcCO8ajPSEadTgPXY_h9fAdkj701QRShbQz_IXwLD8LpiAD9oxphFKT6lsdipazxw&dbm_d=AKAmf-AaOy4J5V6MBlVCTKIuo_o4RVwVXdAfnysUzX2GaQx7MQ4w72J-O4-0UhqvuiWncFo4AA58CuXoyExM2AO6dctbf5EIlOikDHnHkdqpDYaQ69DbxjPMnOucqjgNAu9cth6I7Gl5jz645-18tN9CM1m4Yf2kaB6I1xYOQXGGy7vf1ub8jIT4J7NxAvb-Ns8qxUI00qnh0Al6JPBBKx74eDNdW-aqvlpz1X2MWIpRdPM_59KaAivjxnrFrg8buBq5wFrxmR8KUAO_AUE689PV3fq3C8BL8MVTjhxSDYbx8N6jnfG0b7aT8Uw36ebr6oJV7C3ZMCHgE7mjRDoniM4cqVcr3O-KEuuQ3pxIt6ZHtJogFWpV-Rbw3PchWxGiAoTpn5KJ14vaKcu47Pi_OromcvTpmYpTkLquTKuiwBoHaYQ16T7xpQG211PN916Ft06lNMEOqtwyy7hYaTQS3jsivwgNoORPRJLydOB27Xc4TygfCTMymlIU-8gt4BXIU_E4bTzZ9Tkc77maf091jcWyKFkhdRuwYjVqFdKHU3gM9dIpPXuI1ydE9vtpWKU5rZRHqtkcwnKrhEmacCpgifS_QcwZiY2sCkzkWLyGt17N2TaLOFIJRlzVnv5N4qkgelDuyMfwX_7lMPSAu0URW_ka0FgzTph7MLiy6MZnKBf9mE4ZdXifz9Az4jBt-wy-nqlmQ-Rf1-srduqT9PzpzwYis1JvAPyUfVNV91fsDlZeC3-U-no--YYeuDiD43aUUDUmyaNu8-sukIQOYC-gGQ--KC4Vk2pBGjUtFYGN9B_eYO5oZap3_XNzntgwDV5VzMWHHK63j8-TTpR2E69RYANVb6rnlt7T6wXUXPREFn6qs_Ij2b0bJdZz4WNQaJTHI1WTG1oTO17rzm6fUvwfJg-eD4aG8nyBy3dVIqRry42dlw8fpPynPonROMIFJUBNIcuaBjc9nIYF1oQGOtwnLPP47WvoOiHRYLnmIfXuicxJtMLZLelHuB4pUsjahTAMvEZQ5sgRt9Tao-rPO036zsPW6tgmHnmb89xZYcRd87fmAcQCfSPxa6NO7AT0WnbDYcTZN3aOrLF_4Rco7JKQQ_ntsh8iZbiDKrvQN0e_ESAPF7HI2dUUTcf6vEz9QCsW5kUBEF6bGYzihPYGcL5fm_ygw4OG1BLD8_RRWkgLQiqeZM1SnbbB6MJemB_1Fr3P1xr-JPoiV3Tdm-bjdzdmfds5EgOsfR-loX487tF1a_lRpEBjcyDH9esoFNxldMpJWndcFuSHY7Trf6-s7gStLEUW4Bakg6FcwWD6WCnwSyu0W4v8SABv_WKpiTd8lUIHGRZmRK4xRgyZCCeBhKhMA0dvbayt6eexi4gSLFumShDB6d2NCjTY4oPIJCFSYSxzgvg0e2RlEk8Sep-2RvkOC9RXVSWTLoZ6MUjSM0arL77Twqxi5cRCFc-OZxGPY3uczav6gO6hLh7qXEfFHLH-5Jd-utshkwDbpoP2peFRQtVpzW-B97QlBVmMUSsfgPNytLbSrest80_hGTTzNjY3DEt8WGgcc_bz-Uy8Ht76UfBZbWlfCjSXQ6yGvkDGr68_3u3smc5QB9wBYmsu8eXfGXI_UL1qxUNF4kTKBldcf4UgcFvqZM9B0PhUUxyugNpDDwkRLOgFKFZBFPwFB7NZ0rX-kxUa4-1GchtCkw5UX1-BwcSwGTN2gG6VsXVaXjzaAHnEwQhzoJ4IsXv8-qOnKGcRTNlv6TrOct5bI0JKHTOwvt8SdS5S3ZEoAKo4XRiPVHcRdFDg6vQEFv6MYdiGYzPCrE87CAG1dzBPgljuPIuo7UGuUJ152KJxgOgs-Rq4ediO5Ogj6ZEEFU3RRpGVxBMmqw8RKs9NBgul0KOA5uc7oUA92OBX8sBiR4syuhRtzCCl-j0PWYSB1U941gbWjzg4JfcxPy1EX9Pjt9zubAAtBSQKu5oX8SZds-XfLJ744cuiap6v957UTT92ljGXlk_Ik03X6dq3H-tvvMkfb6E26O9EsqzbWiTYmh3MYAhswPTpbxxxsjZKv3EdZRqURU1weiG9kHhxy6Y16yckJhdKaIPIhQGileSRsuTvIi3lzVvX9ZmsRGjBoTJjeDsGfslvtZvjEpDf5Fzpw6ipaM6frOL69fcKqqrQLcUwdqCcCU33BA2-1K9Ve1c_tsX9UGg6Kjk_frXaetQwZD_a7O2SIpJrB7EC9bMOaJLYdxW4GNr7_6tS-ZPjXj6_j7bwaKQcDIlkPbzD8Ldb2smAFfRqfdJgukYnh06afxIz50Xv30o8eazw5XNhs_V5N9Av8nTCFDZ0Gy9-OK65LbAfu4G75EV6YOTavlew3w7j20Krl_iBjBR8uBIh-5BvypPWvP7O7nmPXZ0hqrYi0hDLHvJpiwLzL3fJ1BFRMyPlXEPT9anPMAMUqcCfgaDhitL4lIGM0tLAAq_zvZw3AKWnYuA7XeB9KMijFCIm-cvrv_1UQXRefNE6GukMVSd9Koqy-Gj2DYQpY5FsFceVr_KDQI13kXDRFGSEmanGw75xZjmbhjgqbEmBFsH2kCrNwxzpQcmHrGEnWPK6e0R9lLYFCSZ7ZSfsDq3tEeIkK-mIir3qcXAD5CXYTkKBZOv12dpcvm8zOtc9NVgErF987R7EvRwCOwX9FTr9yQoze4hlYVKb1OxWDruidITfge_dQJRvio6vpmDNukvkRIC9uEf2mItq8uNn5g5N-x36FvVXAfNRYBlghHuFR5OTRcnxucBdhjfigJRWgHzg-bv2wc9lN4eAuPZWk84uKeerEt82vvKdoufM9LECnrgzDUWl1jMqc-VVbLfnPLkvlUaipHT-h5IBYDJMqeQzk_Nubkdm9rpJMP7rWWx8YK3pSLzmVFwOI2y0EjUX_6tnmu_wwOOB6gXrz2tC1hOL2nO5xVp_YyKbhk6raRUT0FRuDU5nNyHmkE0Cs40LNm6sqZwkydzgVzbHw-uaOiynD5VD5Nk4D7D861QIOoerqiNPaASGtbfANXnXVLvn3Q4xpb9cPNjOi2RW6YVICVVm4Dpdr0N6wg07VptxPY3OAEPjvtIwTREBHAAUYqFLimT_Yuatr2GqU6c7UQOby1z1cbSeBT-Ah3wcyXcFgzyw411SED1yO8pdIH-CPvxrDJ0_5wpoUbGVMAqpQO2vCoq5nBo7u1BFwnXc5v3ukByV-Q0YV2N_yrAr6q64t36z2Yjucj92TaYPCn8MU3aM66fzX_f9msy0C31OyYA8KJx3XOdNIjrxkNgp_VaQni43aMG0qg&cid=CAASBORoGE0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1642467987&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987701&bpp=1&bdt=364&idt=215&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IoLysd7Zdu&p=https%3A//mkomsel.com&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4418348262364977053
s0.2mdn.net/simgad/ Frame 3E7A 151 KB
152 KB 146ms
41ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4418348262364977053?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a408a35cfa91cc9bed25af220d0747ba8a9e2733cda06ee2bcf2a4643f8f5dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 12:44:43 GMT
x-content-type-options: nosniff
age: 390105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154932
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 12:41:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 12:44:43 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 9369 51 KB
24 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 16:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:58:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 9369 354 KB
140 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 19:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143013
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 19:00:50 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ 149 KB
53 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/reactive_library_fy2019.js?bust=31064093

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d93dcbfa68020b4988db45230a47d97b4ece90bb404733829f66224851ca6b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54129
x-xss-protection: 0
server: cafe
etag: 14273201631983859536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 14B6 2 KB
1 KB 92ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987704&bpp=1&bdt=368&idt=222&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HLVVQ1O6ZV&p=https%3A//mkomsel.com&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 01:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14B6 121 KB
37 KB 103ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 14B6 15 KB
6 KB 88ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:59:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14B6 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO2t4kxLmYaiFPMWL7_UP1-W9UMme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTkzMzM2MjM0Njg4NjU2NqAB1bbS6gPIAQmpAs7gd5C8IrM-qAMBqgTxAU_QeUCbR5SvXeRSMhjU_pcLlV-o3tdRz828v1uZYto7A5DnRLXzXYkB7jhDbxh3Wm-uUzjyA-e8xUCCWyyRNBYKU36SAVNd2OFfaPTta4BkGY9GaZM_eEBY06_RAHxzAOrNpiLfrPk32EyXfnXZRxoizsi20_T5OMmlXfA23xw7l_NrJKnFdR21i4_pIfB3ENEqCa1IYfNKFLKWqncRnpp2SzGzVKGksPEgbDnypBC52IcAIKZ5_pnmfxRAiBnS5-YZJ2VAOcEYO1YGn_llOlmQhyi1lM_Ku6KZjInRpRNra40xfhFgScgNiEut7KJYOv2ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5MzMzNjIzNDY4ODY1NjYYAA&sigh=HHP7wv3t8FE&uach_m=[UACH]&cid=CAQSGwCNIrLMwjSBTB5plEI3trzx1SV3cMUVt4Yt7xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987704&bpp=1&bdt=368&idt=222&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HLVVQ1O6ZV&p=https%3A//mkomsel.com&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 18 Jan 2022 01:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 14B6 0
0 71ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RLAJmAKdg2ICAgAAANjdxtzNDeSEEJMS5mFx710gLhJ0wc5wVQAS&wp=YeYSkwAPAqgIu8XFAA9y19vXsVGaTLnC-Erk6g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 132348
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 84D6 217 KB
58 KB 337ms
139ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YeYSkwAPAqgIu8XFAA9y19vXsVGaTLnC-Erk6g&u=%7C%2BnNam1pS%2FNyTaZJxqcLPQ1HNA5M4z73vqmzm9OiKVGg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy0Duxw-twqt7vJGG2MF_oAqC3U4f0EZktacoe_GbXFg_j71UnsRc29DlxW0ug0lYy4PH5fx0wfVIKXXISip7Sf-Oo-NvdvfLcZyuQgB7ZMKpWjFxK2EEK13acNPNIK70vBItCzEiFawAlTGyxrAAvu1EX-lY45A94QRb-I5wvGJKV7YyhF3w80TW04_Zwz3nLx2WV93L1HdsM7y0H_1jhqe4RqtxL0re2bgfnbyd8nSn4b54PqYSI-Qid2imw_lhIUp4g95WTaD1MGTnIVmpQKSOJ7HCoBuTxMB_trgPNkRoo-nTzjiSUqz5Ho5EVhWlZuYUYr937GickZ4gNzQH4RNrAbDXbgqILYyy19EnuZLxnIYZj0UeGHhlf6wMXg6GWWyCQbSdsj1v&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOoCOkxLmYaiFPMWL7_UP1-W9UMme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTkzMzM2MjM0Njg4NjU2NqAB1bbS6gPIAQmpAs7gd5C8IrM-qAMBqgT0AU_QeUCbR5SvXeRSMhjU_pcLlV-o3tdRz828v1uZYto7A5DnRLXzXYkB7jhDbxh3Wm-uUzjyA-e8xUCCWyyRNBYKU36SAVNd2OFfaPTta4BkGY9GaZM_eEBY06_RAHxzAOrNpiLfrPk32EyXfnXZRxoizsi20_T5OMmlXfA23xw7l_NrJKnFdR21i4_pIfB3ENEqCa1IYfNKFLKWqncRnpp2SzGzVKGksPEgbDnypBC52IcAIKZ5_pnmfxRAiBnS5-YZJ2VAOcEYO1YG3ftEqN4fGzsKCNtpa58_dIDFr6VhRZWzytld7zqylme1aQjcKUIh-K2ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hEKwVsB4vrMtdBvoMiuJbjNyaRQ%26client%3Dca-pub-5933362346886566%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

22c9b9e4cb1a0017f2568ac9beb42b8ab00da5d97ed8ecabd78da08e7634d25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 18 Jan 2022 01:06:27 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uOm0_nz7RqSHrhAioog6meh5Y1ouoSQ5hogZbC47a57KXxp9C4Jb2Ourpjd4S7hwEbM4tcL9Se7w2-m7C2ivXAadT6uFJsIFt2x0f-K6CKVY5CqfY4qK9_tYAHr862yE3_0GsReWGsydfSmYvcBt85Dnn_urBj0SB-Bnwm12eW2_xVItPx7bMfl0MPdONn1c8SgEGbKVjhekzrOrirxNxMMmLhwfcSyR760D8iChrvBnLOSPI3QevDVq2v4_l4nt8-XaZQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 122895439
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 97ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 94ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame 5881 11 KB
5 KB 39ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Mon, 17 Jan 2022 02:57:35 GMT
expires: Mon, 31 Jan 2022 02:57:35 GMT
cache-control: public, max-age=1209600
age: 79733
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame 2A21 11 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Mon, 17 Jan 2022 02:57:35 GMT
expires: Mon, 31 Jan 2022 02:57:35 GMT
cache-control: public, max-age=1209600
age: 79733
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3E7A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9007ff013baf5f4b718f18124f9035c1ee7d68be96148c4b9addf71d186bd2dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3E7A 15 KB
15 KB 83ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:54:06 GMT
x-content-type-options: nosniff
age: 515542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3E7A 16 KB
16 KB 51ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 502390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 05:33:18 GMT

GET
DATA 200
OK truncated
/ Frame 14B6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3828f3d7cb00b2f5b9cf7699c87e2303dadb4dd1d432b2be24a5c8a3ebb1a440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 5881 4 KB
634 B 95ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 00:50:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 01:06:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5881 205 B
229 B 36ms
36ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:34:48 GMT
x-content-type-options: nosniff
age: 9100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 17 Jan 2023 22:34:48 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5881 604 B
628 B 37ms
36ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 23:33:35 GMT
x-content-type-options: nosniff
age: 5573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 17 Jan 2023 23:33:35 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 5881 18 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8089
x-xss-protection: 0
server: cafe
etag: 17106604058346595485
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:40:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A21 0
0 188ms
86ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYEiv-UY7YdPSVeooP8hEXpjVE552vOmRmaU8v4qWRPv5XcVVcGKT90p4MwhpZ8crgL5G0wfFOg2VQGXrWCZb-43Ha8Zp1RAwOWVsoHcQMHxN2fVCKWGkjuObtWbcflvfSNAshnpNWlxN8nUxQEfX0Y7leTEYFv7QPgLUUUyTthGM5OL7h77hFsZ60hWnuVKVnf7ck6JcC2uOmu1ohsk7pQ650EsErdL0uxZOGLkQ8ZG6F5hHJRZKY18AZWJb2-KD9RxZJ6C1P6M3geVsMhDRUJ8p4KbovILfwHt8oB9C-_tjNhyY4cusP86RLkwWUf7QHFL662IEPo_fBdC6UAmVPkErCn7BVffYpoimkuZR2cUQJAQdoU_rZjA3E4ZjcuMoyy4bO3s_YIA_xvCZ6Y_5P01Y1_9VpIW5_48c_OhBqfpOs2CodA5_OzxEjTo9MqoylQJPJQOnN0ViYwHxXn7T2-eTWW-wI14gt8EPS9hOtnXHw1vcjEG3vdQm-nxsRAhCJ_L8jDkCiZV1mwltgYr5Q6cKbzw2XFIyYFRHykaVxjM1j4IJielY-zlFketTgTNutp2ZMyiOkOOrfe5onUHLuogp1ZkTqq1ANvOfROvYGcN6H4LsCbhU1PKGU_yd7ISohYjRL0GJCPCMW3M4Kh-3UKddIOhnyQ8fESnu6n9V7IUqOqbb3cX6XyAgPElAQdmOuShDFI5-pgU1YWAnXtObZk1Y8i1EZTTWzj5Az-do0rZLFaOkjnD9HDAUSwrDuume1n6En4aIIVnQR-Lckoi0F_t-LnUhx6OVVNDIqxMnudk1Ur6zEg5OqaOgMxdXnkooztSxURY5CiujTNSPUkQ_dB_AKEktsOX_ZDW58As1pxo6fvwJ70dXu8AcMAOJKG3HWNLG2TYZcfH0y5RK9AuxWSWIUf6LFeEfMsrfCVpJSVrMR9sC6BvyeYlFyrrhh8-7_ntGrHeCgFCUXkX4tuixyMu7jXBgnQu_-qeG-WQvki7rH4vCNPqoEXuGGzu_DPueig1CFEZHvtBnFud61&sai=AMfl-YQnbO0WeuWd1HQbcoqoZ5lgQv37rY4K46Vh9l-WwwrZr5O9oBy20vWg0g&sig=Cg0ArKJSzOeRTH7lrsE2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 18 Jan 2022 01:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A21 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jan 2023 15:19:13 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2A21 32 KB
13 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13123
x-xss-protection: 0
server: cafe
etag: 1047769457888903897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:27:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2A21 2 KB
1 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 01:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A21 121 KB
37 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2A21 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:59:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 2A21 19 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:52:16 GMT

GET
H3 200 15177733444999739628
s0.2mdn.net/simgad/ Frame 2A21 20 KB
20 KB 88ms
41ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15177733444999739628

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e325cfc20f5bab19ea97a13404d1237cf2ff992a8d8ad6394caf81d9e6b627c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 18:00:45 GMT
x-content-type-options: nosniff
age: 25543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20670
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 Jan 2023 18:00:45 GMT

GET
H3 200 11167617244392488680
tpc.googlesyndication.com/simgad/ Frame C203 38 KB
38 KB 72ms
71ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11167617244392488680?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4k5pbo6AINsV_viubarBxNATqLw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf2a570fe1c9e610caf179afb1468249a2f3c2f4875334a23820784d58652569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:50:37 GMT
x-content-type-options: nosniff
age: 562551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38726
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 02:51:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Jan 2023 12:50:37 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame C203 19 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:52:16 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame C203 2 KB
1 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 01:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C203 121 KB
37 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame C203 15 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:59:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame C203 27 KB
11 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 19:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11395
x-xss-protection: 0
server: cafe
etag: 13428216562775282503
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 19:22:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C203 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgx07kxLmYbv7O4Pf7_UPro6wmAGj4NHnZ9yW35_FDqmplYKXDhABIOyqmkRgleKQgqAHoAGs8ri_AcgBAqkC06goPUDPDD6oAwHIA8kEqgSIAk_QqbsQ4IdCXOELhB0hXpJVNW48E-oGJcFhiBbHz-rN-Pa5NFvIJW1UiLMJtA_phosP0LB_ahfbI2jEq_Xmd6qEQfRNkZCJqm3GNmuCA-felrVPr6pguuJQQCZNAjbGdRndzPB14AvGrwEa9_N6UrC3ZBIGyEOXT1dj55QcXM6zHXCakiPtT3ByifTGGEZQ8nkjMJD6b6FUeUKPAoKbe5bXsaT6r72qY0Egz0t141nQ9IqLVxZjZKVFdv2oZn16rfklnhWNaf7x2Zm3aSrgQO42FRH5b1ilGPxqyjiDjoJqAmdbLMYfiYnYJ65Nd2RBlGqYRaQjGW23W2uAmCAdJ6ziMmua0qzNJsAEl53BrOIDkgUECAQYAZIFBAgFGASgBgKAB7yNx8ACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ0tQW0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU5MzMzNjIzNDY4ODY1NjYYAA&sigh=D84k1ItLDog&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 18 Jan 2022 01:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A21 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c2a2552be8e933097c03d3bddb1cf9752fa49318e1f67050186c6b60190a65f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06F9 143 B
163 B 36ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 18 Jan 2022 01:02:43 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F94D 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 14 Jan 2022 15:19:21 GMT
expires: Sat, 14 Jan 2023 15:19:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 294427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C203 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65beaff4d49424a906eae4e21647850ee918aeb7c941b56667633b4e2e0105cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8171 3 KB
579 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 00:44:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 01:06:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8171 1 KB
878 B 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:30:15 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 8171 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:52:16 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8171 2 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 01:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8171 121 KB
37 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8171 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:59:34 GMT

GET
H3 200 b08052bb948632636d2eb594b39baf17.js Show response
www.gstatic.com/mysidia/ Frame 8171 27 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11476
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 08:34:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 15:07:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 48ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YeYSkwAPAqgIu8XFAA9y19vXsVGaTLnC-Erk6g&u=%7C%2BnNam1pS%2FNyTaZJxqcLPQ1HNA5M4z73vqmzm9OiKVGg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy0Duxw-twqt7vJGG2MF_oAqC3U4f0EZktacoe_GbXFg_j71UnsRc29DlxW0ug0lYy4PH5fx0wfVIKXXISip7Sf-Oo-NvdvfLcZyuQgB7ZMKpWjFxK2EEK13acNPNIK70vBItCzEiFawAlTGyxrAAvu1EX-lY45A94QRb-I5wvGJKV7YyhF3w80TW04_Zwz3nLx2WV93L1HdsM7y0H_1jhqe4RqtxL0re2bgfnbyd8nSn4b54PqYSI-Qid2imw_lhIUp4g95WTaD1MGTnIVmpQKSOJ7HCoBuTxMB_trgPNkRoo-nTzjiSUqz5Ho5EVhWlZuYUYr937GickZ4gNzQH4RNrAbDXbgqILYyy19EnuZLxnIYZj0UeGHhlf6wMXg6GWWyCQbSdsj1v&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOoCOkxLmYaiFPMWL7_UP1-W9UMme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTkzMzM2MjM0Njg4NjU2NqAB1bbS6gPIAQmpAs7gd5C8IrM-qAMBqgT0AU_QeUCbR5SvXeRSMhjU_pcLlV-o3tdRz828v1uZYto7A5DnRLXzXYkB7jhDbxh3Wm-uUzjyA-e8xUCCWyyRNBYKU36SAVNd2OFfaPTta4BkGY9GaZM_eEBY06_RAHxzAOrNpiLfrPk32EyXfnXZRxoizsi20_T5OMmlXfA23xw7l_NrJKnFdR21i4_pIfB3ENEqCa1IYfNKFLKWqncRnpp2SzGzVKGksPEgbDnypBC52IcAIKZ5_pnmfxRAiBnS5-YZJ2VAOcEYO1YG3ftEqN4fGzsKCNtpa58_dIDFr6VhRZWzytld7zqylme1aQjcKUIh-K2ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hEKwVsB4vrMtdBvoMiuJbjNyaRQ%26client%3Dca-pub-5933362346886566%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 47ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 84D6 308 B
636 B 42ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 84D6 507 B
835 B 43ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 84D6 0
462 B 218ms
158ms Image
text/plain 2600:9000:223c:ca00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1642467988
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YeYSkwAPAqgIu8XFAA9y19vXsVGaTLnC-Erk6g&u=%7C%2BnNam1pS%2FNyTaZJxqcLPQ1HNA5M4z73vqmzm9OiKVGg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy0Duxw-twqt7vJGG2MF_oAqC3U4f0EZktacoe_GbXFg_j71UnsRc29DlxW0ug0lYy4PH5fx0wfVIKXXISip7Sf-Oo-NvdvfLcZyuQgB7ZMKpWjFxK2EEK13acNPNIK70vBItCzEiFawAlTGyxrAAvu1EX-lY45A94QRb-I5wvGJKV7YyhF3w80TW04_Zwz3nLx2WV93L1HdsM7y0H_1jhqe4RqtxL0re2bgfnbyd8nSn4b54PqYSI-Qid2imw_lhIUp4g95WTaD1MGTnIVmpQKSOJ7HCoBuTxMB_trgPNkRoo-nTzjiSUqz5Ho5EVhWlZuYUYr937GickZ4gNzQH4RNrAbDXbgqILYyy19EnuZLxnIYZj0UeGHhlf6wMXg6GWWyCQbSdsj1v&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOoCOkxLmYaiFPMWL7_UP1-W9UMme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTkzMzM2MjM0Njg4NjU2NqAB1bbS6gPIAQmpAs7gd5C8IrM-qAMBqgT0AU_QeUCbR5SvXeRSMhjU_pcLlV-o3tdRz828v1uZYto7A5DnRLXzXYkB7jhDbxh3Wm-uUzjyA-e8xUCCWyyRNBYKU36SAVNd2OFfaPTta4BkGY9GaZM_eEBY06_RAHxzAOrNpiLfrPk32EyXfnXZRxoizsi20_T5OMmlXfA23xw7l_NrJKnFdR21i4_pIfB3ENEqCa1IYfNKFLKWqncRnpp2SzGzVKGksPEgbDnypBC52IcAIKZ5_pnmfxRAiBnS5-YZJ2VAOcEYO1YG3ftEqN4fGzsKCNtpa58_dIDFr6VhRZWzytld7zqylme1aQjcKUIh-K2ABtSgisukm6ijbKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hEKwVsB4vrMtdBvoMiuJbjNyaRQ%26client%3Dca-pub-5933362346886566%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ca00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:28 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 1gJzIfpLoGbZ76n_dCIEK4DVCLLpz-0mh5X8T1pTC5NOQ3Sg8AuTIw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 84D6 43 B
347 B 288ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=uUAeLqIgar3PdS5R9BM-mVDRxQVuPIRXbaQBOIZ4pOmA3kwUNPgP5pUEIg2TuD2C3nPjwrCINFa-so0v1ZQgC8PQsGj73ft5kQWvYg-bf2S6pEQneDr-drMogr4Nm6Sd3xDGX-mwiaWd5wj-gDr3NKuT0xrP0n3tfwxQtREwX7F7APSdlwhj9Ag2AA00EJQtlg89JHD6vi5TlgBiwhDw8eYoGYfkFWBqB4ApWcYW-0B71xhrD5WvipWmekOWD2Hsk5evzmGbQEgyLsx1dw85-ec1PixEKVEawOURve0OfWfS5bosZQE8k9meYhrvrscL7kgXSLx2jHoK40V-BFTz62qWYPxddwVGTpyvAzGMEn7WnwTCmcj3rNojZPxCgpVBKeEpEspx7w6gDNgbY3e9ZJ-NUSJSKUA9efiQwu3MGAlQ9RhIRRnmb5tyLR3RCINRCvbmtA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2993006
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D718 143 B
163 B 36ms
36ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 18 Jan 2022 01:02:43 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06F9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 Jan 2022 01:06:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A64 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1642467987&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642467987703&bpp=1&bdt=366&idt=218&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=1153041639742&frm=20&pv=1&ga_vid=802485236.1642467988&ga_sid=1642467988&ga_hid=1753114849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31064093&oid=2&pvsid=1521035219489479&pem=281&tmod=625&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fsgI7xJcPr&p=https%3A//mkomsel.com&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame F94D 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 84D6 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 5 KB
5 KB 126ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=cv-0XWAuCUcnqwngfrtP0s7A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:33:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 556379
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=29073045
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 5106
expires: Wed, 14 Dec 2022 02:24:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 3 KB
3 KB 140ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoCaritasverband-fur-die-Diozese-Limburg-e-V-109141DE.gif%3Feb%3D1&v=3&w=800&s=_B-8C4GTpwx8YVLCZ1khPNmH&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

944585003819bc679b3343e2faf4edbe539322a662f8e6564db5b3e66b152b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:43:19 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 364989
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=2253872
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 3076
expires: Tue, 08 Feb 2022 21:47:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 6 KB
7 KB 140ms
29ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoBMW-Group-27361DE-2101221525.gif%3Feb%3D1&v=3&w=800&s=MsH_5I1fgPst-J4Jpa9CEsh7&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f8de8ee65552be2f01a67a6dc47020a4a132e9bfe4b8eb02143d89fb2df08241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:05:16 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 72
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=2259
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 6422
expires: Mon, 17 Jan 2022 17:38:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 5 KB
5 KB 140ms
28ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=800&s=yNtVSyMvGQ7vNe6i3CJi6U6k&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 15
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=3040
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 4833
expires: Mon, 17 Jan 2022 17:49:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 2 KB
2 KB 140ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoSchlosshotel-Kronberg--Hotel-Frankfurt-265536DE-2105211026.gif%3Feb%3D1&v=3&w=800&s=EZ1zyYVjY0QnRbgDC6W6-5-4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5d0ca3d973d773325cf298a7aa6450a03c769a758a541143b635ceee40508175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:04:33 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 565314
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=952619
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1688
expires: Sat, 22 Jan 2022 12:41:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 2 KB
2 KB 140ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHYDAC-International-1570DE.gif%3Feb%3D1&v=3&w=800&s=znMivPSQTkpXJavQ1yo34C_C&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3ccdc1db5cba814ea2736fc06e3a6a94945ec8b7db7318fe913c3daed9dd612e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:02:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 239
vary: Origin
x-cache: hit graced cached
content-type: image/webp
cache-control: public, max-age=2180
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1868
expires: Tue, 18 Jan 2022 00:44:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 2 KB
2 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FK%2FlogoKPMG-AG-Wirtschaftsprufungsgesellschaft-Berlin-8038DE.gif%3Feb%3D1&v=3&w=800&s=qLQ5dbqX_hSP7QpkzwsM5roO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ed7e36bbfdc81471c0197939b78fee25d2237d860623cb1d5f146ff1e6b984d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:03:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 180
vary: Origin
x-cache: hit graced cached
content-type: image/webp
cache-control: public, max-age=113
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 2120
expires: Wed, 12 Jan 2022 03:01:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 2 KB
2 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoMARITIM-Airport-Hotel-Hannover-264032DE-2105071139.gif%3Feb%3D1&v=3&w=800&s=frrqlyOZ-LCRDX_FqRcgE1JQ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ac237d570be225be2f925a43ee6e5dfd0e24700c2fdbf266df27cf139a1e6257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:59:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 435
vary: Origin
x-cache: hit graced cached
content-type: image/webp
cache-control: public, max-age=159
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 2182
expires: Tue, 18 Jan 2022 00:18:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 1 KB
2 KB 21ms
20ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEAM-GmbH-Co-KG-154639DE.gif%3Feb%3D1&v=3&w=800&s=PFujZLChvsIUbNU_GZ9tHFr2&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c18ac20103ef9806e6d124cb3b9a61f50d76feb8cae3aaec91feb175aa5cde2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:17:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 2937
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=3599
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1500
expires: Tue, 18 Jan 2022 01:17:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 2 KB
2 KB 17ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2Flogoe-solutions-GmbH-72769DE-2003131615.gif%3Feb%3D1&v=3&w=800&s=X6ELytRjrSsHFJXwJCgKtjFU&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b5803fae76d88776907f61b452ba6932344d241463f3caa4254ac021276c0fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 22:28:17 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 95891
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=2574334
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1984
expires: Tue, 15 Feb 2022 17:33:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 6 KB
6 KB 20ms
20ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoSchwarz-Dienstleistungen-152212DE-2011091542.gif%3Feb%3D1&v=3&w=800&s=ry51IsDNdpjZUp0hyK1LTNz4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9df96b8c5459598bf0fe9757f6bb7ead77be97ab5099f97e3a8f2bbb84b68762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:12:51 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 561217
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=964330
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 6270
expires: Sat, 22 Jan 2022 17:05:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 84D6 333 B
648 B 17ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoJOST-Werke-Deutschland-GmbH-42200DE-2012111149.gif%3Feb%3D1&v=3&w=800&s=Dun2yXFITIQibxjttJJAJ0lx&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d74537d5b6661cff4a11859968627411f462aa83c818600c1965e3896039da25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:06:16 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 565212
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=1944856
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 333
expires: Thu, 03 Feb 2022 00:20:33 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 84D6 0
127 B 323ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uOm0_nz7RqSHrhAioog6meh5Y1ouoSQ5hogZbC47a57KXxp9C4Jb2Ourpjd4S7hwEbM4tcL9Se7w2-m7C2ivXAadT6uFJsIFt2x0f-K6CKVY5CqfY4qK9_tYAHr862yE3_0GsReWGsydfSmYvcBt85Dnn_urBj0SB-Bnwm12eW2_xVItPx7bMfl0MPdONn1c8SgEGbKVjhekzrOrirxNxMMmLhwfcSyR760D8iChrvBnLOSPI3QevDVq2v4_l4nt8-XaZQ&sds=2&rev=80076.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 01:06:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:06:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D718
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

61ms
61ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 Jan 2022 01:06:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 01:06:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 Jan 2022 01:06:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ADB 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F94D 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BttL-kxLmYbyBPLiK9u8P78aSyAEAAAAAOAHgBAI&bg=!kJOlk9fNAAaocxMpqHM7ACkAdvg8Wn1N4FEZexid0gSkyaO0avuq-astdJvJS8EKAWmSaFdtviBsDwIAAACNUgAAAAJoAQeZAvp6qXka4AwyMYBwXpQhgIsT8JmO1Bae3A3BFFWsPOdq-E-UlbEUGyEVfTetiz49IQhUiccznQjXlHwZSDJkr9R9jfYCwY_gyNBMCePVhPsyw-ug7AiFnZNeQ5e6EWwb8rkaY6j3IKTf22Gjchakm6R9OyG5HUeX6K2vbOm1hB2px14RpO_25UzvFVFG7hMIibVn3lzsgJrTFoPKFclWmaVQhDruNhx3tPCEdiV-X5vLbJgg4hX__CuOO6Txx-h1uKSoCgJZlKPC9Scienk9kfYV93_qu6ZzGwowNv7ncs3lRngPYhhf4ddd4pgTDPYeanf09_gk0x6ZgfyG9GmPyTFldjgHCExx0UH8hWtCRlbVny2rss6lt4nHU9GN023F6Bqk88ak_opXsLffTaM4AO9P5Dk9NwPhgXUAf5y_JVJmLu7mh5EPqQK_p_jju6X1Rxq0u0sorgWlBkj6IkJT1Z6xBOW8ZAJko2CyHiqK3lbuoysg7dKtUAC9b0VujLS8DdElrKqYAGNmU-kJD0kfPoUHgFBEu9sJmIXfJZjzjchN4tHsU6bbVSwjVKxxnpQ6zR4lJ4LoXX0GyweoF0aVJDhLQHWUCUp70q3qDyH5bhlWcoI4JIyaJKsCsb-bLg8JKAUmnN2s3pGHsbw6Fr1LgB1pa6NUqmncvQDSX2FF0rpz7LU3kkm7WBLcwBAD5Yn71-GpDsF_ubx-lWaNL6vS6In91fa9oAVxIbG6xzUzjIKV-W8J5L5NZZA8zewNwtOTfwM6B2m_6lNjnf-JnxP9r-WrNoO-Dv8DyxGil1Q-ft6q2Z6ZgdgYsQDQFcmuymU5SIYLPCvIbUFDsVKXuIbcZZsYzDkGLmZ5lsQwxcwVvHG9UJsqAxnTLhQ6RAA5dzohwavf1_k5t_sM5SpLcHj35WFDmtirTprqwN5E3pGk4kDsbC7OASZvcoco9Rxs7nBcoui3PHrvVG79yk99zcwCIZMqfyYb66RQ73ajHirXmzokS_20m3Dk4oZb_NM

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/Ol1kFRlUjNlLeAs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 1757
Redirect Chain

https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%...
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkom...
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkom...

139 KB
32 KB

267ms
267ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fb438dbf705a78bbd6ee4457ef20ce19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f7b8ee9d99b67ae02cf3eb6818133ffff269c3216c416113b1c8bea826bd3d0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: lI4w7zkRqhhGeSg0h42SoRiw92JYywokqPR8WyNFFOZi+wRMxE2APPPTlysUdCEpvMCkl/XRlef7PtI9sV0BYQ==
date: Tue, 18 Jan 2022 01:06:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: YpGVsTczZKz7rYQ36wL0O0pQ+b7UpGsLYoU0fqMftvfgrEZr2EbVakPZkkv6oC4Zt62QBcHSDhqD2APlzYKtuQ==
content-length: 0
date: Tue, 18 Jan 2022 01:06:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 99ms
51ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2416b42da180343f718ab87b26ef9e93d564ec6448030b501db952747a6864af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8713
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 01:06:29 GMT

POST
H2 200 result Show response
mkomsel.com/cdn-cgi/challenge-platform/h/b/cv/ 2 B
608 B 342ms
40ms XHR
text/plain 2606:4700:e4::ac40:a423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6cf3ebb3df7d4401
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mkomsel.com/download/Ol1kFRlUjNlLeAs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7jESsxmRgDzBcXZBt1YnYC2njhJPB5fY2PZKUcgLVuGh0Y1yqRv2Xyc%2Bxtm%2BMda4vAHuVQwKPf7g3S1TZNWMsmyu7wRNde5TdL1I261Djg%2FRtuu%2Fpfp%2FKdI6yydNtlB3J3PucV1uZbTBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 6cf3ebc86e874401-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC19 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Jan 2022 00:52:21 GMT
expires: Wed, 18 Jan 2023 00:52:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4433 783 B
534 B 50ms
49ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aab9ea676b63597f66c9b8be1e5a1c7a32277e132c9d97e66503ac0cf24cb6c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A4tt4gxB3qH1dnvg1GbEsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 18 Jan 2022 01:06:29 GMT
date: Tue, 18 Jan 2022 01:06:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A4tt4gxB3qH1dnvg1GbEsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 FEDQ4UvMNtg.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 1757 748 B
745 B 10ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/FEDQ4UvMNtg.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6419fcc49cca43fe210d31f1f1d3985a141bbb4f021fdf865034ff564783181

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SpU74utwVmiyiyzAwsiZdA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: 6mVKOrm//J3lqi6FZTwXhljBsDhbbdDDsp29UbgJF4iQGN+8/f5gUqjD1mGltbY+e8DKERh1mpBM4D0v4QustQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 15 Jan 2023 17:41:22 GMT

GET
H2 200 djv5WIIxXK8.css
static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ Frame 1757 125 KB
20 KB 9ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/djv5WIIxXK8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34397260b8bbf46c8ec0cbea9232f22c1a3582912398fc54e7d5419b49f986b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2wK901UtqVAvcQ0pvuBDXA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20403
x-fb-rlafr: 0
x-fb-debug: xMGhdbgEf1mgWkQWk2glYEfYVgJSMFMyLmyPbEsd0CzRa+OOnj0nQmruEh2vHD4IEpDfwnEux7qHFzbmPXpfuw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 20:08:53 GMT

GET
H2 200 s8GJzAB5Zn3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1757 307 KB
83 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50c6fe147f314037c91162d843433a0d305348b76db2280c2bedf6c0eb54ee0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PNumDbg6UcNs8x9N3V8tOw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84352
x-fb-rlafr: 0
x-fb-debug: D3/eKTpIwfoHrkW4SES99x5NXl39vE8cQfWrmfFPgrVlhfu5tjsxOw1HMZLZWy9/ModI4bOiIisGQlsDxHUgwg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 21:39:29 GMT

GET
H2 200 WNBH2SworhH.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yX/l/en_US/ Frame 1757 157 KB
44 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yX/l/en_US/WNBH2SworhH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

380253487ad21cd9ccb2305523b38743b96c87b65058b7d6822ade7e267bbb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OLXID8lOedVfA9KUAnkupg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 44640
x-fb-rlafr: 0
x-fb-debug: giVJq68bjHixGaz0/yTXmUU5aPAcvq2USXpiAE8TRat7sup/DLzC3Ug/IfgQGbjAB7oEqT9GBqNNYoL8e25jKg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:47:08 GMT

GET
H2 200 OoKfJOkDeyt.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yH/l/en_US/ Frame 1757 1 MB
332 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yH/l/en_US/OoKfJOkDeyt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44cc9853d6b580ac37debbb7f588d141a28c10d42a5ea6d7af640cd136e57af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dzwljQcaOp38TZs0INbk8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 339205
x-fb-rlafr: 0
x-fb-debug: Apr8OBaJRCDDe9sIV2/p8vkgvTYLD/J/Q1CmuEArC/DpHgcaDiuBU3seTDsrW0CGsU4/5L43nkrOmuLc+OV5ZQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 15 Jan 2023 04:54:18 GMT

GET
H2 200 RICrecDQjt5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 1757 26 KB
8 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Bn3zKyb+/fDiXbzfDYRQZA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 8491
x-fb-rlafr: 0
x-fb-debug: 0lIUiJS5bomNlqwFhJ705RS013lXUy1+O33iga3cmf2B28SJksKmgqx3wbQVpYF2PRwesxbnPPmCmIv0g7/BLw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 04 Jan 2023 19:40:48 GMT

GET
H2 200 MizIeGQyzmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/y7/l/en_US/ Frame 1757 39 KB
12 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/y7/l/en_US/MizIeGQyzmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ec0d76653ac2d2a096be8a3c100a24a9a395a346ea59b77cedb7e9592f2c461

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 90pRQOVA+uSGzaWEzfgNng==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11733
x-fb-rlafr: 0
x-fb-debug: RHodhdA+PIdzdbnsj8fLjtanmx1OeYiBEWzR5adiYHklCEkAuQj/+pr2TEsZcs0e+0hK95XDNQg08hRFL5cUQA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:47:08 GMT

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame FC19 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4433 0
0 48ms
48ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=1521035219489479&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1757 251 KB
251 KB 19ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/djv5WIIxXK8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/djv5WIIxXK8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: NStnZoS+E2l2tAqe/HRiVguVm6q59Ky4tPSGWojxD1+2Tx/U4lbDe4aLep81Xxxr7/gPj+gN9iq18rLYlXSX1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 Jan 2023 18:04:47 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 1757 1 KB
1 KB 10ms
7ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: uHCO/VthgQ/l6FXBDKp1zhpTzZsJaxMz5+tNcm+C5PuIXx6Sflry3mTAzJDPtFfm8PeppbFdfgafCv7HNSMcFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 16 Jan 2023 01:46:13 GMT

GET
H2 200 255929967_184418867226768_7746137615137018539_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/ Frame 1757 1 KB
2 KB 208ms
141ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/255929967_184418867226768_7746137615137018539_n.jpg?_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=OYE3EtwpfJkAX-X4zFC&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT9JQNZknnvtPYWINPUg27bGdM_nshBF0-v2FHmQGaWPvg&oe=61EA12ED
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d92cf52fb1e13f567e5df9a14c919bef6615d1fdb3ab2f586e1f7160492fc1c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 964154265
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Thu, 18 Nov 2021 13:01:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3110578832
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 9A0WUvL4bHDDBsz3Pljo8JMiBZ7olXVB1BmaX5QM7sadnAEwWnoxtbXMESDLdQ7YJtxceR5ZKs9bNvK3phVv2A
cross-origin-resource-policy: cross-origin
x-needle-checksum: 571484833
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1384

GET
H2 200 156125248_913495659412716_1632455233323926953_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/ Frame 1757 1 KB
2 KB 133ms
66ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/156125248_913495659412716_1632455233323926953_n.jpg?_nc_cat=100&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=k4V3f5Wid-cAX-4u8oN&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT8nV8On-JdX3dQ71xe2lFRB2gSTxbH4X3r_ID6jfeBzWw&oe=620CE3ED
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 097c33a31a5b35eb6e7d288e45a24fc7953d8b0d3b3a51fa79560403d5c8da50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1412724133
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Fri, 05 Mar 2021 10:57:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2267988473
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: BVZ2VPntnrdN0lp4VxD189hoouCRTO-idSPv4jo5OiwEwFcJ0CJ5Egs4BRBFBFvilGzXbpLZttII4YJhjZl_JA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2071920002
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1442

GET
H2 200 84241059_189132118950875_4138507100605120512_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.30497-1/cp0/c14.0.48.48a/p48x48/ Frame 1757 943 B
1 KB 95ms
28ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.30497-1/cp0/c14.0.48.48a/p48x48/84241059_189132118950875_4138507100605120512_n.jpg?_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=iS8jF9WD2g0AX_--EPo&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT_q9fqKi5_YQ7bb3BEy4novUpPdBz3znii4tmoYn9LbAw&oe=620BA5A6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 2005931516
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Thu, 30 Jan 2020 18:41:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3648183006
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3771084146
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 943

GET
H2 200 106675190_177243393763936_913258515803173098_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/ Frame 1757 1 KB
2 KB 132ms
65ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/106675190_177243393763936_913258515803173098_n.jpg?_nc_cat=101&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=mmZeQkec320AX8isbVe&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9wv7FETTbuaAHKwFlxTQ_s60abWh-cjUHGgI9ytgGljQ&oe=620CD447
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f807cdb6f41332d845735747b86fed1ca0b9f00bbdddc8301417f49633e8443c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 656074334
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Mon, 06 Jul 2020 01:24:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3620104822
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: GdPBIY_syGa_v9Ln0RRHfPhEYJyBSS2mvCse5_90RIJIwqzbGoH6JuUg9Lr8Utt3mt3xdZVRYdqD010dIhktNA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3290070754
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1237

GET
H2 200 249921544_891958671694451_2872198997045782328_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/ Frame 1757 1 KB
1 KB 195ms
129ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/249921544_891958671694451_2872198997045782328_n.jpg?_nc_cat=102&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=fCY7mlcKVWEAX_xcxbc&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT89TGBjGqQyrHt9ZoxkZ5Qvq5kyaedQH1Db1vs7wlhwJQ&oe=61EA10E3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4878f6631e5c5cb13a0a8f99c7181ad0c0495ebf5bb63c344c6a8885def5fddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 3866972652
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Fri, 29 Oct 2021 00:52:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2294650270
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: bMMHXOceBxJ80AamLB4S5NLEFM5cIAq7EzoUWjFH3vEI4jZRy1s4O8QWBbam9rMf53fHMllUFM2CUn_vv4Fw8Q
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2860114542
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1319

GET
H2 200 257728427_431001531917325_3807240920616450677_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/ Frame 1757 2 KB
2 KB 223ms
157ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/cp0/p48x48/257728427_431001531917325_3807240920616450677_n.jpg?_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=kseY2nplFosAX93yyZc&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT8dMqzoDczETqe9LrfcRiCAqknhlR2gMuy5_wXlXgnAqg&oe=61EBD3FC
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e05296833494cfa1aba100e2f39ff75e18b1983f8fc4ed92f5a60442a28d78f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1203087357
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Sat, 20 Nov 2021 00:50:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2504421130
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 7GlJRnefxglvFqGyXNuIgvK-S-eGFkahJUKIArugrcS8nn3NuB_Y5gnC62S9juCrt_o-7q-MQ7KehRiz9n2cwQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3020005689
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1720

GET
H2 200 140849212_724063961834161_2518759626755457154_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/cp0/c0.2.48.48a/p48x48/ Frame 1757 1 KB
1 KB 131ms
65ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/cp0/c0.2.48.48a/p48x48/140849212_724063961834161_2518759626755457154_n.jpg?_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=nlKH_QMa3XkAX8XqLjn&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_RyMGlWhhUaXqU3qBJwUGbgxDt1zuWYogahG-Cg2g8Gg&oe=620CCCAB
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a1fa4a34e96a8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff2bc1e51ef5f318%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FOl1kFRlUjNlLeAs&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 573ea49a32d34b2b31edc09e059017396edc9d54d8918277040095d16c149beb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1876271042
date: Tue, 18 Jan 2022 01:06:29 GMT
x-fb-trip-id: 1904183273
last-modified: Sat, 23 Jan 2021 13:10:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1353271853
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: Sm6RZWUa_qJkvp_hX1qTTdOzgZHeFjNNEErzcdE-_ZbcsDRtuDoME7TCB8EdUeKX61gS5S_HlbmIzD8S0gwQAg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3679318389
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1177

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14B6 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoQNs0xLuNmA-kEuAB1S2q7hftJ7vOUjKVKFQaVJTMOx7drrfvFJvS1U5RR_h5jpc2XUwul3G5vSumD7rIXF-t&sig=Cg0ArKJSzC3IPEcT5N67EAE&id=lidar2&mcvt=1082&p=0,0,280,1200&mtos=0,0,0,1082,1082&tos=0,0,0,1082,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.49&if=1&app=0&itpl=20&adk=1855931090&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642467987928&rpt=718&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E7A 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUYr5vnTvaUw0pJAJZ6R1Oi7mj4Z6dtjr-_QA6vQ4oFgUS5zzADwW8nGP37xFM9TARu1YbLQTxHqaaKxusw7eeJ8EMRL009dh012YSIzyzY_B1vA5VAQ&sai=AMfl-YTFM6wQJ9z9zB5ef_3oRqnq5hPgoRio9Wo__cztdfiaonpAoi3mREnQFoJBa0eYA4SBJZgtUbWjLwRD&sig=Cg0ArKJSzF2u1bn3nb_fEAE&cid=CAASBORoGE0&id=lidar2&mcvt=1056&p=0,0,135,539&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1847874569&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642467987920&rpt=757&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame FC19 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C203 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5NUtLGRAzJpIkTpMWij-s1xdtWUAHoNwXOjAPmDR4x69SBBgiM9IFisUgx21xL2rZga6I8urGoWrrQeCdpIYf8Ll5_GDaa1YAjus6pm8ShcxbvIxVqA&sai=AMfl-YQhkQsAFC4MDuSwuCggQlL-IZ2f68XypFdzzvEcjE27Kr5SfrTjYBRTwJSxu2vs25xpWQy6mYs7ACa-&sig=Cg0ArKJSzI0xpaH_9CwqEAE&id=lidar2&mcvt=1006&p=0,102,280,438&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3675393043&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642467987924&rpt=851&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=1521035219489479&bg=!e3ileDzNAAaocxMpqHM7ACkAdvg8Wo0XPuTR5Diors07-BIfsmyWW5QQLs54pFf51caWYyGbap53kQIAAACxUgAAAAFoAQeZAr405YBp_Ya12iAm3NcFbcZfYlxMIEEwNvyNKTsWOwRJdzAQZRLMOhfPnG7KO4bxOEReM5uKqv9KlUOp0ajZJVyXpiZD9-uOJaAzmpsenQE3wABf8YWjgZIMCH-QGmVVax3yvnIwPIbz1r2nivBUisUQG71A-42QM0ywwvx-d9m45sUwx9DxM0Yru2jF9jFyRy0B1-9AK_407wGJnTTa6cPemtkaCrG6iFBH_648ZZ4MmBl1CdHbfSls4lqfWExAz-T6VpDZqn9PhU3bp_rIBT0hgtusAJmP1aFBiAGqqLyJZDm8DqbdjXUG8HgpA68wEyZVx0_9LAG-4UFkcfgMrxtphfuoPOuF2OUAKvANRrTcs8ed2Qt7X5eS0OR7tnyfHRb0aPDUGb_2vn7Sypb6g3xTaU6V7YfOaFQ441wQdpCG8WGoPXmr0ut9sEFi0JvugbdU9t6uV8BOcq6FqZMC1XHNMb0jE99JB3BnKquc1lC0q6-3I4CXN_qybaz1tvkHKSAzHaa-EURj7WpbIl3yQBiyZGtl2FrtgRRq2jrQ4QVlzqTgb712mc5f_kLLuzE05vG6W-fiQYqII-Z7gI-CMxkQ3xeaMyK5EYDlL91O4ZFFbBF83kMxHMyDL-rK9zlOgxVb20zgLgWn5FZK7Qba1wfaoBa-xJuUEZ2tLWizm3G6UWf7Eb8K-6AUV51oL-iFx2LMfll6kKSXsEa0wkfNXw5L3rLYOIblXvIoG9-Suwn4EmL7iUc19EIFRPJqfb8hVMgI1otwiHgajKA89OdO9InN8njg5_zQ1QDfqlb_Ai68lYU-g2VMqNfi13aAVkgrCjOPN07GTwlYUf46HjjMRR1tYwXk1keP2JhtnFgK6SXENMsnpZhxM_5hT-J7-kwWaP-wVBFBcHAx_omgxSHOd-26zy9xposHoKEBNAQxunw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A21 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7LYnFExjao63g0nmQBD47sB3ze7DgCxWoQJS1x_wJFk9l754F39YJ6uWU-_gXtMHqSRGgbQigOjutv4ngx4iZyHLxJ3PqImxUmYL4RpMeIqUD_yRG8cywCKxTBAcSbp6B0W4pEUcpdtFHcwDs1B21UTv1pUE2iaZJtRb3i_PSjQ&sai=AMfl-YSwoMZxXJmfaCevpTEOsTUVScd-tM3ArO_LTDPRbiBixOqbjy5WVGXz_UBPFkWppOQBBbQOL4Isl0FT&sig=Cg0ArKJSzBaMbEXQx8hAEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,798,1000,1157,1157&tos=0,798,202,157,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642467988524&rpt=287&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 01:06:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?7blU6A

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safefileku.com/	1970-01-20 00:14:35	Name: XSRF-TOKEN Value: eyJpdiI6IkhBS3RFQndjSDFnNWp2emJOcWd6bGc9PSIsInZhbHVlIjoiam96WDJYZmU3U29FS3NGRm82UFlLTXI2eG1vYTJjWWRTLzlsRUVrb21IUWdNOEFLeE1OWUFJcTVhWW5KbVo1ZHloWkE0dFZYNithYnVYdnpwS0JmWWN1bXp3RWZMN2VIV1BrNkM4VGhUNUR5M2dMeVZZK1VJaTFZeDJwRDNaU0IiLCJtYWMiOiI0YTUwZDY4MDhiY2I0ZTZkZThjYjNmMjc1Y2YwODAxZDc2MjA4YTZkMWUzZDhiODZjYjc0MGY0OTQ1ZDI3MDYwIiwidGFnIjoiIn0%3D
safefileku.com/	1970-01-20 00:14:35	Name: safefileku_session Value: eyJpdiI6InVCOU0yYzFZaGtyZVJQOHEyV2xvYWc9PSIsInZhbHVlIjoidExhMnY1TzVzd3NvZkhucnUxeUh0cUxjbElHTUJmTWZNTGZnMnhiVithQXF1RDd6QVkwNGdqOWpLT2lsK2p4R2x1a2p4WDJ3QkhMSVd1SVJBbzkyNGZuY1FRZm9YVm8xZTRvNXFCeUVTQ2Z5d0xKeUhmeVdZTkhnaERvdUFmUkYiLCJtYWMiOiJkODlkY2E3ZGJlZDQxOGIxNWVlZjgwYTg3NzlhNzIzMjFjYWYxMjlkOTRlY2FjNTU2OTMwYWU5MjRkYTQwZjcwIiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 00:15:54	Name: visitor Value: eyJpdiI6IlRsai8zaDRISzEzcnpWY0N5Qy9RZVE9PSIsInZhbHVlIjoiNmt6OUh4b202MWtTa1hIUExEaW04SWt4aDFLMDlLM21BSlRJSGttMk9ScHR0WlVFZHozZ0pLQVpXR3BreU5vUSIsIm1hYyI6Ijk1OWQwMTQ1ZjMzYTYzNTJhNGY5ZjVkNWM5ZWI3NjUxOGRmNmZjNDgyNTc0NzEwNTlkNWExNjM5NTQ2MGYzNzUiLCJ0YWciOiIifQ%3D%3D
mkomsel.com/	1970-01-20 00:14:35	Name: XSRF-TOKEN Value: eyJpdiI6InArNytiblV1aFF1VGVLTUxFaCs0TWc9PSIsInZhbHVlIjoiTWFQUVBSaUx5Y1JoYTFJN2NEME1DU3IzNnpFV2VDR0ZRdDdzRmhVNTkwME5aNkFQOW9EZjIwdWN2bE9JZDlMR1lmQmtJTWRpSWt6WXpwa0Vpb0tjaVYvU0NXY2Z5dUF2YW5ZYmlEYXdTZEpjMWV0RFRxUWtpRHU2N1pBWUdVYVYiLCJtYWMiOiJjYWY4MDA4YmEwNzcyZWQ2YTBlZGU1OGI0NTg5ZjcwOTM2NjJmZTFjMjk0OWRhOTZhNTc5M2E5YWU4MzNjODAxIiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 00:14:35	Name: safefileku_session Value: eyJpdiI6Ilk4UWRsK0RIQXhnQzl4UXl6S29KNEE9PSIsInZhbHVlIjoiOHVrUU94TmZRSXBJRmwveENXK2RyV0RhOTlUUk5VRHlUMjU5OWtFVnpxeUJrWHN2T2tmamtuTkhOWGswT2pHcUxjR0IwMnJuMk5LRmNsd3dKZUNYUTZyMGJ1TG5lNC80eUl4b25rcndRZkxvZHhQc3VMYUF4YmllUmZvVXJYUVQiLCJtYWMiOiJkMjI5Yjc1YmIxODhiNDkxMDRlNDEwYTIyZmNhNDYxYWNlMDcyNWUyNjkwYzQxNmIzMmRkZmIyYTQ3MTJhYmY0IiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 00:15:50	Name: __cflb Value: 0H28vMLKnHt4WU5ky6emhhGaddLvsK8fzj9jkY36QWp
.mkomsel.com/	1970-01-20 17:45:39	Name: _ga_J72KJ758XE Value: GS1.1.1642467987.1.0.1642467987.0
.mkomsel.com/	1970-01-20 17:45:39	Name: _ga Value: GA1.1.802485236.1642467988
.mkomsel.com/	1970-01-20 09:36:03	Name: __gads Value: ID=6a817314ef46f126-220f2e9d22cd00df:T=1642467988:RT=1642467988:S=ALNI_MaL__W6IDvUoiiB_72JlL1lLrZFLQ
.doubleclick.net/	1970-01-20 09:36:03	Name: IDE Value: AHWqTUmoFoIsXaudXXkvgKK1AtxSpcOM9jr8amDyFKlmT77hZilChNfiK_QTIESO2G8
.doubleclick.net/	1970-01-20 00:14:31	Name: DSID Value: NO_DATA
.mkomsel.com/	1970-01-20 00:14:29	Name: __cf_bm Value: 1bXlaEaGQIypdXAVdpsAW72exfjvzbbr_y84ZkEDsbk-1642467989-0-ARKHnm8llCHRBNXuyA1gaszf0GRseJZxNp5Q3lRTiwSwEJzS3CNFk9rS/vwnZBL908g7K6VTJn/i3v7x3ypIi1V5xQV5x9Db02tbaXe04ExSihTuIcgsvoolH/GZTCGWLw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
is.gd
mkomsel.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s0.2mdn.net
safefileku.com
scontent-arn2-1.xx.fbcdn.net
scontent-arn2-2.xx.fbcdn.net
secure-gl.imrworldwide.com
static.criteo.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
13.212.202.252
142.250.186.130
142.250.74.194
178.250.0.139
178.250.0.160
178.250.0.162
2600:9000:223c:ca00:1e:a43d:b640:93a1
2606:4700:20::ac43:5384
2606:4700:e4::ac40:a423
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a03:2880:f00a:11c:face:b00c:0:3
2a03:2880:f00a:e:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
097c33a31a5b35eb6e7d288e45a24fc7953d8b0d3b3a51fa79560403d5c8da50
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
148bca24aad00019c6b2be273d63157d6e292007d16c542dff2fb676d6853ff5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
22c9b9e4cb1a0017f2568ac9beb42b8ab00da5d97ed8ecabd78da08e7634d25a
2416b42da180343f718ab87b26ef9e93d564ec6448030b501db952747a6864af
2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a8a61c0ae283ffa3409ca9ab2319283568f49e2f58be536699b087741639f5d
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
34397260b8bbf46c8ec0cbea9232f22c1a3582912398fc54e7d5419b49f986b0
380253487ad21cd9ccb2305523b38743b96c87b65058b7d6822ade7e267bbb1d
3828f3d7cb00b2f5b9cf7699c87e2303dadb4dd1d432b2be24a5c8a3ebb1a440
3ccdc1db5cba814ea2736fc06e3a6a94945ec8b7db7318fe913c3daed9dd612e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44cc9853d6b580ac37debbb7f588d141a28c10d42a5ea6d7af640cd136e57af2
44f4c6080f3888195b895a8e4083808d50dc927941e7240b02d4b4abba224583
47d6a05d6ad84b1c213f47647d1fb89523cf96bf0611728d5fc453fb89c83e23
4878f6631e5c5cb13a0a8f99c7181ad0c0495ebf5bb63c344c6a8885def5fddb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e03a1d78851f102c9fce8dafe2cd91c8c695ef149e705e793a742db43d84a9d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c6fe147f314037c91162d843433a0d305348b76db2280c2bedf6c0eb54ee0e
51b322c24470da6d14f47e3d8b7cc2fdaa83f755d18007366025b870f7a4874f
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573ea49a32d34b2b31edc09e059017396edc9d54d8918277040095d16c149beb
5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0ca3d973d773325cf298a7aa6450a03c769a758a541143b635ceee40508175
5f7b8ee9d99b67ae02cf3eb6818133ffff269c3216c416113b1c8bea826bd3d0
6109228bb361aa5d317df98355de600d6da2cf7995da9f5c335481e97a664f4e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65beaff4d49424a906eae4e21647850ee918aeb7c941b56667633b4e2e0105cd
6c2a2552be8e933097c03d3bddb1cf9752fa49318e1f67050186c6b60190a65f
6d87c7104899de0c27acfcebd6c1c8dd0ea4592e009adebc652d58018b77571f
77d99150881703fc83ba5c3b2b65fde3184d93b33e81bfe8fa6c2177cdbc122a
7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
87516bc146d3c25b656c67a640cde4bc183c97de27bca9ee11eef02d28c6f796
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9007ff013baf5f4b718f18124f9035c1ee7d68be96148c4b9addf71d186bd2dd
944585003819bc679b3343e2faf4edbe539322a662f8e6564db5b3e66b152b6d
9df96b8c5459598bf0fe9757f6bb7ead77be97ab5099f97e3a8f2bbb84b68762
9e6bc8999b8d3a5c7911737f7dfb127326a149a6f57196b2c7ca559b992de872
9ec0d76653ac2d2a096be8a3c100a24a9a395a346ea59b77cedb7e9592f2c461
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a408a35cfa91cc9bed25af220d0747ba8a9e2733cda06ee2bcf2a4643f8f5dce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55de880d6a7f3948ec6287dde281107f7b81db2b05e856a1c79a624ba928e04
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aab9ea676b63597f66c9b8be1e5a1c7a32277e132c9d97e66503ac0cf24cb6c9
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac237d570be225be2f925a43ee6e5dfd0e24700c2fdbf266df27cf139a1e6257
b5803fae76d88776907f61b452ba6932344d241463f3caa4254ac021276c0fd8
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bf2a570fe1c9e610caf179afb1468249a2f3c2f4875334a23820784d58652569
c18ac20103ef9806e6d124cb3b9a61f50d76feb8cae3aaec91feb175aa5cde2d
c428b0c62a59fd1d7e081a5ce956c099472b7287507ba455423780e9666910e0
c489de434fde67ccb8c3978dc224f3e87e1dde31135a93e5f741a44c73b2954c
c6419fcc49cca43fe210d31f1f1d3985a141bbb4f021fdf865034ff564783181
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce6fab7309badc173e5d937b70d67b0f2fb7263e75db65e73fd3256784177714
cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
d6bfeb6e147f4bc5795c0088b84ca30381bba6366744d5627254dbdac57f26fd
d74537d5b6661cff4a11859968627411f462aa83c818600c1965e3896039da25
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d92cf52fb1e13f567e5df9a14c919bef6615d1fdb3ab2f586e1f7160492fc1c5
d93dcbfa68020b4988db45230a47d97b4ece90bb404733829f66224851ca6b9f
e05296833494cfa1aba100e2f39ff75e18b1983f8fc4ed92f5a60442a28d78f6
e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3
e325cfc20f5bab19ea97a13404d1237cf2ff992a8d8ad6394caf81d9e6b627c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
ed7e36bbfdc81471c0197939b78fee25d2237d860623cb1d5f146ff1e6b984d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f807cdb6f41332d845735747b86fed1ca0b9f00bbdddc8301417f49633e8443c
f8de8ee65552be2f01a67a6dc47020a4a132e9bfe4b8eb02143d89fb2df08241
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

mkomsel.com Open in urlscan Pro 2606:4700:e4::ac40:a423 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

79 %IPv6

20 Domains

30 Subdomains

29 IPs

5 Countries

2655 kBTransfer

7222 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mkomsel.com Open in urlscan Pro
2606:4700:e4::ac40:a423 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

79 %
IPv6

20
Domains

30
Subdomains

29
IPs

5
Countries

2655 kB
Transfer

7222 kB
Size

12
Cookies

144 HTTP transactions
6 data transactions