mkomsel.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safefileku.com/download/nYxm3AVhOgDZh0x
Effective URL:
https://mkomsel.com/download/nYxm3AVhOgDZh0x
Submission: On March 26 via manual (March 26th 2022, 1:58:37 am UTC) from ID — Scanned from DE

Summary HTTP 140 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 18 domains to perform 140 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is mkomsel.com. The Cisco Umbrella rank of the primary domain is 442343.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 3rd 2022. Valid for: a year.

This is the only time mkomsel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	13.212.202.252 13.212.202.252	16509 (AMAZON-02) (AMAZON-02)
7	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
140	28

3 13.212.202.252 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com

safefileku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

mkomsel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-amt2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	404 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	267 KB
15	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635 scontent-amt2-1.xx.fbcdn.net — Cisco Umbrella Rank: 14148 scontent-ams4-1.xx.fbcdn.net — Cisco Umbrella Rank: 14535	764 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	131 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	544 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	26 KB
7	mkomsel.com mkomsel.com — Cisco Umbrella Rank: 442343	90 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	84 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	181 KB
5	facebook.com 3 redirects www.facebook.com — Cisco Umbrella Rank: 96 web.facebook.com — Cisco Umbrella Rank: 252	34 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	safefileku.com 1 redirects safefileku.com — Cisco Umbrella Rank: 916205	14 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	83 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	18 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	645 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	344 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	64 KB
140	18

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net mkomsel.com tpc.googlesyndication.com pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	mkomsel.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	static.criteo.net	ads.eu.criteo.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mkomsel.com
10	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	mkomsel.com	mkomsel.com
6	www.google.com	1 redirects mkomsel.com www.gstatic.com www.google.com tpc.googlesyndication.com
5	scontent-amt2-1.xx.fbcdn.net	www.facebook.com
5	pix.eu.criteo.net	ads.eu.criteo.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.facebook.com	2 redirects mkomsel.com connect.facebook.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	safefileku.com	1 redirects mkomsel.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net mkomsel.com
2	fonts.gstatic.com	www.google.com fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	mkomsel.com connect.facebook.net
1	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
1	web.facebook.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	mkomsel.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mkomsel.com
140	29

This site contains links to these domains. Also see Links.

Domain
safefileku.com
www.facebook.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-03` - `2023-03-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
safefileku.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-05` - `2023-02-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-02` - `2022-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Frame ID: C5537DB79EDC59C11B9B6FC9559464CA
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 255A82DAC960944CD8BFBE7482ADDD0D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=emctfpxux3qc
Frame ID: D3745D763B676FD65946A4C286C2C3E3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1648259910&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=226x990_l%7C226x990_r&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910335&bpp=5&bdt=287&idt=394&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5227603444517&frm=20&pv=2&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=434
Frame ID: 2F0B155063EAF15033015A40B1595837
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1648259910&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910340&bpp=2&bdt=292&idt=440&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qbwbxLPJ5D&p=https%3A//mkomsel.com&dtd=455
Frame ID: F7D901669028DABC5EFFF956A88CBF54
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467
Frame ID: 7188E28BA711510913AB4A5CBF8420C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910344&bpp=1&bdt=296&idt=469&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=70kmoZL2kG&p=https%3A//mkomsel.com&dtd=472
Frame ID: 5D6ED6E2E523522194636E2EC09AE739
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHpYUKe5FOAArk8ssHhr4GWRqLOAxY2Q&u=%7C%2B1lgGC2AtRQgIBQi67AT%2B4ahVAAqGm6Tn4EXKnooe9Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwO8ndtj3wXDn9_b51OLFTtcHAtH5XX9JqzLufGznh2bRZ45Fon4UoMmMr9rUqMUydQDkhzq4qh6jH6IK7yoSGo335_vkdQshsyNuQ8UvSJ0kgzPw0M5H_zMfHE2_kwIbbZ2nCcuCJmOeYJapV4duvxeYprVSUCGAyyZmURuIFpfCaqNFkEr5Rp_lxabBWnGTrxEp8rZmCryvH2KNzzelvQ-0bEjoSTNxhIEttLejanGX4PzKlq5ZxrUMydV6_ZHbh8oOt95CxbgUuaQmDdAibSM_pcUZ1byIZJJg08GjlNvmXuLNCksXaV3QqQgmdbRzZD6zveUeSqKsDvNYkXfY42Zj4Or4clYWF3U0hh4K32JwxxcEmeU8u9ZhSG-A8YkzBoenreJB_VpUXj40yutjEKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqvEWR3M-YoXLHs6i7gPyyavQCcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE7AFP0CAX5mhCDvEy2WG8_FfI9oEY6p9NGib9JNRQMk6XbUUWDgFNJxWdA8jaEoS4ro9ZLoU3TPrbRMUhgNls6OiqdKAjxuFm1NWF6HBohKyIzw1prhZokmcKTEBzDCo7qe5Mh9_RqbzvIL2ZSQG5F0YBfsta_XETVyefzhLxU_cgGW8MO8wMg77wtIjeM8tFfuxV6ruKcOAmkhieSDZ6iHdnY3BGjgXbvB9qLjxIkLRmgqWPJWICtqsrlON35GhAGd65rVfqmYUt07sPdTxL2f4g7mieKIOBADk7igJ59KCVO_mt8a3xXZEyRCI2YIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dHlCktGDcZh-H3VWm148KxiFGsA%26client%3Dca-pub-5933362346886566%26adurl%3D
Frame ID: 5B2393F143F6AF384D21549F09A26C54
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Frame ID: 5A841E9D751B14CD3790F2E6DA02023B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4985584135867F8F68A8363C1190D5F7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Frame ID: 181DDC5D4CD425846B241DC30456FC40
Requests: 8 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8bL0jg0pL_N0a8li22Aq95Dvm5JFqaIei8rdDu82PY7qlrQ3CODtqXj6Ctar20JVLr3ZgsD6i-tQEjeZcqkT5cS1KOtBKe3u2oZciRPClXuIdTZ-4FKVOX7CtcQ8AHtkhV_n3AoCEVlKqxindD5jrXheuuoN3-4917pVpJ9KjHycSWxqjD1AQj4Z33GVtw3kBAOZM7_yM7Inn62thknRbWCAFHuuOtsxSacwH662zmU5tYnjx5mRdx5_-Jog5sKXFt_Qv8BhrWebqZgIurPui-uwHmX9oUUczglKue-U3WNQMy7nBKoaUTVWpn5P1OyEMNDA3RY8E4w_YNcj5gYxG94zwM6bo2GtoDbOBGnL0i5I9pWvhOuj4VnliOuHcdHjfGQ_DC9MIAEgus0sSOfcXxmBTnOGykfXCY8BfTTVentiK0spE7Z0zCJSfSOOEsC9jRVQQ6EFvQgJ2RILd_6csKro1o5WduSmzEL5SNdtSSJRYBbBL8nvf1Wc87OOcnaVXhMwF6kQk5_auubbx_YAlEYrmPPaOdw9dYDmtSRDcf5SuzlUwVLlyR1CjtMHJ7-iZL0e63wMgTxQkx2sx19ulGfQ9DMrGlzWPDOBBQHqa2hHcW-jfg2401RBKNmwFugc4xt2rrlyKsn2dtnRMe0oLlH27BCT_AHyt_gdh1rPXZWx14ywYgNArDSRhujCIFSQ2cmBHOt87NKqJTq5uHCiq7XLoSSsCpQOp2d5MRc9-eo1Dl-0CP4iJ7dzxdCbKIMqRROjt1dW5wUryOzl7BQOAbAk6jPT1-l-shxLGzIGHSn0d2E4O9Bmhbygk_YI0EBfTu-H7eX1Hv_MQW4onCaXhGJL8nCmQLgyzddtqOZl0Uqoi8AeAWFaWH91xABBNdSDUtPsAEG58LgYh2Pn79cXc6vmfgmp9D6esVOwzsn_dPVefgzfbN8pSPs0_K_92GwmC-_NxWxjoD9RbtNkd81x9Gd3dHJ5O3lzyrWKbM0DrVNEMw187TjGZCZ5Lx9IqYSCWil2DU53kPR0&sai=AMfl-YQdcWL96o9WQmM8oL7Q7_K8Vw8-HiXeCwX09Q9ntmzL86Q6CKw7VBf34Q&sig=Cg0ArKJSzCVNoUPRAaDWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: D59A18B64CC8209395395A70483898F7
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHq-4K3qLIAAHbT3z3bX6fnYC-Tj8VRQ&u=%7C%2B1lgGC2AtRSmiVmhfa%2BUGNb87xkGBMTGGmgP2HPV4%2Bc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwA4SJz8qKbOJFXishzca-KHRkTJH3wmadDWXOgT0AdCOAT0pkJOIhBFiks5KbJhjsabmR4AaAjOPtLWb7ZcA7SshRs5Jxqhoz14yW4JhyH-rTsQqvnIIjw7wZVBGh_0O84WcikQFa1iBXOZegXXjr_xC2gC2f-M4Jh2Qa1-8CPwnd0WnANJDkzlvsvE14F0NUgc6VRiiRPZxkiT3lwfvjplGt1syOVsUwvrMXCeW-ezO_LzPHJiZnP5dmoL1HX3di1DfGZk1rOVKgjplc3jR_CaT13QV8rCrDGHe4oJOVGI48c0ky4Tswf_MsIuucNz9v3UGwFEB_qvGt_OWDHztsF7deyfWSUdggQ9nyk2y5-KV5Tl0e7L04Ojxf1v5EwyUkRiSy7xZxXNA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKe9R3M-Yu7XHsjF-gbPtofoCsme0rFctZjj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE5wFP0JTcYjkO0YRJ6XwXgQd-GVcWq5oq5SjoNUtFMtvzYYR2udyPrb72EjbzJNz9IuqTJ5u7o0cKLUXZqvSxOTFEtmrfYRnqe8UKkJPYA8GuQD6sW-jTP_SXS7_LgWZF7yjuPbdeKXrmVQiZMDJpbitflJ0QUXeJ9Da4rbb1KEWZJN92EVatSOO5ZiUTvvXfBo-luFVM3LW2FknRMPJQDkijxQ9iyaCEBTW9YlMTZeG3eifFcoT2CPwDAQ5Padi2MFctYqbE5jP22Bp_KUuT9YrpV4oJZDQTi_0vgKxvnXOW-4bSrPqzsVKABpqUjfnVkoTTvwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22MRdYamB7vmWmSaEGBL7zU-cBBw%26client%3Dca-pub-5933362346886566%26adurl%3D
Frame ID: 3F58480BAA9727D2A632F7FF697C66F5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 009E0D1F3620ECBE9747557A13EEDE58
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: E16CC686E44A0AB23700051AA87F2A73
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1B0774499725B87ED9F1B58DF071097C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 93292A0E43BF652AD262FA8814CF92EA
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Frame ID: 94399AFBEA835745F238E3A55E064AAA
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: AF410EB4C54335AB078BCDF38D3DCC87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65DE8FD40C72AD6135D542587F9DA965
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2548F6F9947EB1A8D15E94E1A884ECF8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VID-20211812-52728WA.mp4 - SafefilekU

Page URL History Show full URLs

https://safefileku.com/download/nYxm3AVhOgDZh0x HTTP 302
https://mkomsel.com/download/nYxm3AVhOgDZh0x Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

140
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

29
Subdomains

28
IPs

5
Countries

2707 kB
Transfer

7292 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://safefileku.com/

Search URL Search Domain Scan URL

URL: https://safefileku.com/register
Title: Join us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x
Title: Tweet

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&description=Download+VID-20211812-52728WA.mp4
Title: Pin

Search URL Search Domain Scan URL

URL: https://safefileku.com/report?fid=nYxm3AVhOgDZh0x
Title: Report file

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/dmca
Title: DMCA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safefileku.com/download/nYxm3AVhOgDZh0x HTTP 302
https://mkomsel.com/download/nYxm3AVhOgDZh0x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://web.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width= HTTP 302
https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width&_rdc=1&_rdr HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

140 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nYxm3AVhOgDZh0x Show response
mkomsel.com/download/
Redirect Chain

https://safefileku.com/download/nYxm3AVhOgDZh0x
https://mkomsel.com/download/nYxm3AVhOgDZh0x

17 KB
6 KB

813ms
786ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 7e08945c4c931c60a1ef0077cf349ff919df21af43247081db531ecb052c18eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.27
cache-control: max-age=31536000, public
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU8RInk%2BC1qPy%2BtZYnTgEyhq5ai8ZpOrLiKooH6GGEy3YOsE3JZqe4ERzrJuPyawHL6BdL6lOlERqdLqzRXHVH9es5PxQA9UoD9otso3d70vZ0tcR9p5LY7zvChn6C5uezCKUHriQ0rgnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f1c48136c009001-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sat, 26 Mar 2022 01:58:29 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.27
Cache-Control: no-cache, private
Location: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
mkomsel.com/download/assets/libs/bootstrap/css/ 158 KB
25 KB 15ms
14ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/bootstrap/css/bootstrap.min.css
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
age: 3071
etag: W/"27681-5d5ab971df4c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYsTT2krYi%2BjVaJ1kDdxSfi0f2H2HZzmPBhnuzd4o4vp8jCG6GBzoorimT4TK8ofxm8HmTKh0VcSTT%2B0bjagqzKwKU3oGI2t9Afo37L89SdAK5fV3%2FXUxpFqt5udOljA%2BWGt0eqSpxXicA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f1c481a182a9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.min.css
mkomsel.com/download/assets/css/ 10 KB
3 KB 13ms
13ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/css/app.min.css?v=0.2
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
age: 3071
etag: W/"290a-5d5ab971df4c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Srs%2Bc9ixBZnoxuOFpWnXc3X1iNp2WLqPormZ1coPb7l2tlK5NDxLD9GmkKNbydq%2Bi5yZHpSxwgljslma1KVEy%2F3OH9t25ugKBlBC8dtZkuNnulKh69sdXp30urdMuAwFnVDBFLciFMhNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f1c481a182b9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 157ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ea28ea96c3e37d9fa0523811966bf38d99c949014e8c610ec54efe89a106681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53819
x-xss-protection: 0
server: cafe
etag: 5661396658878681256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Mar 2022 01:58:30 GMT

GET
H3 200 invisible.js Show response
mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/ 43 KB
16 KB 26ms
25ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1648256400
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c11bfc098fe76aed768458ec0843821e7284883abb6da49bba4170ba1f7941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnN%2FdfCVDKEz3ghHJcnp81Xbje3ndhBqjtjG0fcZ1BXsK%2FQznrVW3ErgnYWM2A16EnNmpH5R2F4j1vwUkq1OB%2Fbpj3Po1KLzDtw2wLGUApFB17F%2B6UzT8DKH8JzQ8pe9uupPWcNMeIPDZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6f1c481a3df59bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK logo.svg
safefileku.com/images/main/ 11 KB
11 KB 166ms
165ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/images/main/logo.svg
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 01:58:30 GMT
Last-Modified: Sun, 16 Jan 2022 06:20:06 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
ETag: "2ad6-5d5ad06fcb362"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10966

GET
H/1.1 200
OK mp4
safefileku.com/icon/ 1 KB
2 KB 343ms
176ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/icon/mp4
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d / PHP/7.4.27
Resource Hash: 00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 01:58:31 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.27
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ef6c023c71b3aabaecb650a4b06a8063c76577fd62f89c565247d0b134e628f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IZT6L7rEfn8QLukafSVqBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Mar 2022 02:04:37 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: RNKZzrMyzaFmtNnePrea/ImEMQaspfB3z+A+flPOJcSmUkZOpxrd415564per/gcqklh44wvW9pfVhskjXvqYg==
x-fb-trip-id: 686109401
x-fb-content-md5: a09d177df41d5969cbf0d99b230ed991
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 26 Mar 2022 01:58:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8b0739d3dac1f3757911a9043c82ea90"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 jquery.min.js Show response
mkomsel.com/download/assets/libs/jquery/dist/ 87 KB
32 KB 14ms
14ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/jquery/dist/jquery.min.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
age: 3675
etag: W/"15d84-5d5ab971df4c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhNr9Ovx85ei3vyNyi9WuzvqBkxXdVC35rtdgL1Yuj6ifxEbVs3ZW5gVCRG2IXaeb3pG3opFeu1oWpy2ig95eIGvBOU%2BYFeXsRwnZFKQJNtQE8JM8PhlzqZw50waLO7IPaBD%2BehHWll81w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f1c481a383b9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 150ms
56ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Sat, 26 Mar 2022 01:58:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 145ms
51ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b9bbdfcb5417427c398816b9c7d1189438b0d27f4919e790d9cb48b73b4c718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65107
x-xss-protection: 0
expires: Sat, 26 Mar 2022 01:58:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=53f3835f6f9b2fd0fad8782f7002fdd8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ad9408ceb11c31b2d44a85e6c8775b3b6a969984ac028eec040312f977111d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7zj5ez2Rfo4cQlf/Wp5gcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 26 Mar 2023 00:12:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82675
x-fb-rlafr: 0
x-fb-debug: AXRuT0I4PpQq1lSiv0km+vSJ6z5vA6qR+8X3VXbfc+bmISirUCpKgBbc8EkXiG9H6FgAXdSiTpis9CBi1XRwPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 39009d45dba6586c77cdc3ca23ed6884
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 01:58:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9b6c9352cfde2450bc9e36ff1d6ee48f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 pica.js
mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/ 21 KB
8 KB 28ms
27ms Other
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481089d745285c53f106da3d25ec4ac3a718506278a4f7fe9889f9c567d32a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT6aKS%2B0y%2Bw1IAUzzGh37DHq1d1m2JZv5LoeHeHdsWmx6VXJCunX7XlVybVCzIWNJuZC3%2Bw%2F6OK4rX4cxRfF3TtElVg0x6da3C%2BDM7ATByKNsDNn%2BAAK8%2BXWbaUoaMAnqLsZ7Gai3JvFkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6f1c481ace629bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1026262167543273&ev=fb_page_view&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&rl=&if=false&ts=1648259910208&sw=1600&sh=1200&at=

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 26 Mar 2022 01:58:30 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 21:27:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 296 KB
107 KB 118ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com&bust=31065832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b8064fd4bdaf2224c5ff699569719d604034a38d3741ee693a790d1e431b17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109244
x-xss-protection: 0
server: cafe
etag: 8660559427584878093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Mar 2022 01:58:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 255A 10 KB
5 KB 122ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Mar 2022 14:18:28 GMT
expires: Fri, 08 Apr 2022 14:18:28 GMT
cache-control: public, max-age=1209600
age: 42003
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 6f1c48136c009001 Show response
mkomsel.com/cdn-cgi/challenge-platform/h/b/cv/result/ 2 B
695 B 36ms
35ms XHR
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/cv/result/6f1c48136c009001
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1648256400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mkomsel.com/download/nYxm3AVhOgDZh0x
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f1c481d68719bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7S8nSQ1b3lPfzUxcA4illLHC2sXFSRO65v7KQdEa%2Bc%2BnSqCRRYofFZXUBH6%2FKeNnlZRWnqRd2pJo0%2FAAKjiHHKlDuQmSj8JrVVfx5z7Xc%2FipaG%2BMopWJR6FKTbXUiX1BMaCoB88sAPj1Q%3D%3D"}],"group":"cf-nel","max_age":604800}

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 134ms
46ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J72KJ758XE&gtm=2oe3e0&_p=1228589461&sr=1600x1200&ul=en-us&cid=2002031068.1648259911&_s=1&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&dt=VID-20211812-52728WA.mp4%20-%20SafefilekU&sid=1648259910&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mkomsel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D374 43 KB
22 KB 115ms
64ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=emctfpxux3qc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

663f7fb6e67a9ba9041448a241b9e1e2edfd5a8455371310210bbb8a8a8a6b55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WhV2JDx61oa3knqPWpGLmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Mar 2022 01:58:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-WhV2JDx61oa3knqPWpGLmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22797
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 163ms
46ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mkomsel.com&callback=_gfp_s_&client=ca-pub-5933362346886566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com&bust=31065832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ec98ea7fa8c296b6a32b1dbe377ecf93a45b3290ff0fbd8b132574387fc82eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F0B 201 KB
50 KB 436ms
387ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1648259910&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=226x990_l%7C226x990_r&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910335&bpp=5&bdt=287&idt=394&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5227603444517&frm=20&pv=2&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=434

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

184f40610954f0056621e94b8aa2408d84dc408fb68f3edcb0a4e5d09833357c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Mar 2022 01:58:31 GMT
server: cafe
content-length: 50666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Mar 2022 01:58:31 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7D9 94 KB
32 KB 451ms
429ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1648259910&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910340&bpp=2&bdt=292&idt=440&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qbwbxLPJ5D&p=https%3A//mkomsel.com&dtd=455

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5842e16ca3635684ff7b637e1f095e52ade16412b2f79577b47934a31bd4eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Mar 2022 01:58:31 GMT
server: cafe
content-length: 32565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Mar 2022 01:58:31 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7188 60 KB
26 KB 687ms
677ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f201a59130873fc2a3b8ada47cba26ea9db8f1f924b344fdea84fbccf0b3d39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Mar 2022 01:58:32 GMT
server: cafe
content-length: 27034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Mar 2022 01:58:32 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D6E 23 KB
10 KB 273ms
271ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910344&bpp=1&bdt=296&idt=469&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=70kmoZL2kG&p=https%3A//mkomsel.com&dtd=472

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5f73326ae685dbf7a5a3012bb9d4d325d5cd60a0488302cb004f76965b007bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Mar 2022 01:58:31 GMT
server: cafe
content-length: 9837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Mar 2022 01:58:31 GMT
cache-control: private

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame D374 51 KB
24 KB 85ms
39ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=emctfpxux3qc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 17:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 17:18:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame D374 361 KB
142 KB 104ms
58ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 21:27:22 GMT

GET
DATA 200
OK truncated
/ Frame D374 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D374 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D374 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 109102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 31 Mar 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D374 15 KB
16 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 291110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D374 102 B
134 B 50ms
50ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=emctfpxux3qc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 26 Mar 2022 01:58:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 5D6E 2 KB
1 KB 149ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910344&bpp=1&bdt=296&idt=469&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=70kmoZL2kG&p=https%3A//mkomsel.com&dtd=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:41:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D6E 119 KB
37 KB 181ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 5D6E 15 KB
7 KB 144ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:36:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D6E 0
0 120ms
120ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CapIvR3M-YoXLHs6i7gPyyavQCcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE6QFP0CAX5mhCDvEy2WG8_FfI9oEY6p9NGib9JNRQMk6XbUUWDgFNJxWdA8jaEoS4ro9ZLoU3TPrbRMUhgNls6OiqdKAjxuFm1NWF6HBohKyIzw1prhZokmcKTEBzDCo7qe5Mh9_RqbzvIL2ZSQG5F0YBfsta_XETVyefzhLxU_cgGW8MO8wMg77wtIjeM8tFfuxV6ruKcOAmkhieSDZ6iHdnY3BGjgXbvB9qLjxIkLRmgqWPJWICtqsrlON35GhAGd65rVeom6S_VDSTZoPXzV3w085mIZeLtjMVkoDNPJ0zyUaz3bV09xUh-4AGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5MzMzNjIzNDY4ODY1NjYYAA&sigh=GAdDROCw1J0&uach_m=[UACH]&cid=CAQSGwCNIrLMmCJeR2vzTJFzZK3Awzu9PmPP2HmFvBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=854766408&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910344&bpp=1&bdt=296&idt=469&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=70kmoZL2kG&p=https%3A//mkomsel.com&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 26 Mar 2022 01:58:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Mar 2022 01:58:31 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5D6E 0
0 74ms
19ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKzDEsz6RLAJmAKdg2ICAgAAANjdxtzNDeSEEEdzPmIXnbkxQXBijTAODQAS&wp=Yj5zRwAHpYUKe5FOAArk8ssHhr4GWRqLOAxY2Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 270786
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5B23 117 KB
41 KB 87ms
42ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHpYUKe5FOAArk8ssHhr4GWRqLOAxY2Q&u=%7C%2B1lgGC2AtRQgIBQi67AT%2B4ahVAAqGm6Tn4EXKnooe9Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwO8ndtj3wXDn9_b51OLFTtcHAtH5XX9JqzLufGznh2bRZ45Fon4UoMmMr9rUqMUydQDkhzq4qh6jH6IK7yoSGo335_vkdQshsyNuQ8UvSJ0kgzPw0M5H_zMfHE2_kwIbbZ2nCcuCJmOeYJapV4duvxeYprVSUCGAyyZmURuIFpfCaqNFkEr5Rp_lxabBWnGTrxEp8rZmCryvH2KNzzelvQ-0bEjoSTNxhIEttLejanGX4PzKlq5ZxrUMydV6_ZHbh8oOt95CxbgUuaQmDdAibSM_pcUZ1byIZJJg08GjlNvmXuLNCksXaV3QqQgmdbRzZD6zveUeSqKsDvNYkXfY42Zj4Or4clYWF3U0hh4K32JwxxcEmeU8u9ZhSG-A8YkzBoenreJB_VpUXj40yutjEKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqvEWR3M-YoXLHs6i7gPyyavQCcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE7AFP0CAX5mhCDvEy2WG8_FfI9oEY6p9NGib9JNRQMk6XbUUWDgFNJxWdA8jaEoS4ro9ZLoU3TPrbRMUhgNls6OiqdKAjxuFm1NWF6HBohKyIzw1prhZokmcKTEBzDCo7qe5Mh9_RqbzvIL2ZSQG5F0YBfsta_XETVyefzhLxU_cgGW8MO8wMg77wtIjeM8tFfuxV6ruKcOAmkhieSDZ6iHdnY3BGjgXbvB9qLjxIkLRmgqWPJWICtqsrlON35GhAGd65rVfqmYUt07sPdTxL2f4g7mieKIOBADk7igJ59KCVO_mt8a3xXZEyRCI2YIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dHlCktGDcZh-H3VWm148KxiFGsA%26client%3Dca-pub-5933362346886566%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

214059461947fbf94ab7d81955f3fc36a753c9aa7f91fb6afa2df452043a5890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 26 Mar 2022 01:58:29 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YykhO4o4rEYb-AdTGZOkYER0y9czEMu6N92vl5PtYPzGW7-hwoVaslBRx7GA27N4bHbfzZj35j4f6T0_vE-4AWCZA-_KKSoymU89cnGCvZP974zCCZf9JNXg2xBqhWUabf9Zwnd9I2jVLtHhlGVUWwhJ1utw3nurgbUdSuLh2nRrOOFsJVq3wA_skd5iGfaSHqygKZvYDNXgD3CZPx5kiQAmkF8mO5AdzX7ydjwedUCUu1wZIKsXZNteS210cHWzSH_PDR5EcuggSTBM"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 21146636
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5A84 7 KB
1 KB 55ms
55ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9ef8ffad6d013726db4307bdec875c115f92aeaf826791abdb7f2792e3f7cbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j6ITbE45mFjymhF/WDiveQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Mar 2022 01:58:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-j6ITbE45mFjymhF/WDiveQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame F7D9 8 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1648259910&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910340&bpp=2&bdt=292&idt=440&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qbwbxLPJ5D&p=https%3A//mkomsel.com&dtd=455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 01:40:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 01:58:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame F7D9 2 KB
904 B 106ms
57ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:57:38 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame F7D9 19 KB
8 KB 104ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:56:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame F7D9 2 KB
1 KB 64ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:41:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7D9 119 KB
36 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame F7D9 15 KB
6 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:36:05 GMT

GET
H3 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame F7D9 28 KB
12 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:20:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F7D9 0
0 90ms
89ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUH17R3M-YqOtH4rCx_AP6-Gs8Aalt8yJadr36d-tD5KBuMPzJRABIOyqmkRgleKQgqAHoAHdy93VAsgBCakCjWBDBidtsj6oAwHIA8sEqgTvAU_Q9jAplYc87CekbYfk0OKeXUsPeTy5B89HJJSlI_vX-F36NqC4uctmNZMQz8u0CFDDDMjA1iLR_VzeRjG-zW6r23jNmv0qyLLupAMci2JciKA3A3_D8_0ItDnTJRkB0BDokYoqRDSD7Qh_S2cI83RuO37lAp2Iof85W6KQTvXJ3bdI_hSna0lLYNaxiavKZZWDaOrtLca2Y9AwPEC349Ec3Ufhn9mFtUBJcwbQjqVASSOab5Q4eBfoutQ2f4R_7sAngoKVahK5iWVeJIEwblnSYZsrYrhbiUXgUTu0huhjB0n3ZmH8ZtKcSAlNj1v3wASWu4XV5wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHi7SiqgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCbywrSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTU5MzMzNjIzNDY4ODY1NjYYAA&sigh=e9aRMuh7Skw&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=238524979&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1648259910&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910340&bpp=2&bdt=292&idt=440&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qbwbxLPJ5D&p=https%3A//mkomsel.com&dtd=455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 26 Mar 2022 01:58:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 145 KB
51 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/reactive_library_fy2019.js?bust=31065832

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d76403edfa5090dee0c02fe3a123ccf9c70b36234ca3bb6dc1917fd060f88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52587
x-xss-protection: 0
server: cafe
etag: 5380549874833958586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5B23 2 KB
1 KB 57ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHpYUKe5FOAArk8ssHhr4GWRqLOAxY2Q&u=%7C%2B1lgGC2AtRQgIBQi67AT%2B4ahVAAqGm6Tn4EXKnooe9Y%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwO8ndtj3wXDn9_b51OLFTtcHAtH5XX9JqzLufGznh2bRZ45Fon4UoMmMr9rUqMUydQDkhzq4qh6jH6IK7yoSGo335_vkdQshsyNuQ8UvSJ0kgzPw0M5H_zMfHE2_kwIbbZ2nCcuCJmOeYJapV4duvxeYprVSUCGAyyZmURuIFpfCaqNFkEr5Rp_lxabBWnGTrxEp8rZmCryvH2KNzzelvQ-0bEjoSTNxhIEttLejanGX4PzKlq5ZxrUMydV6_ZHbh8oOt95CxbgUuaQmDdAibSM_pcUZ1byIZJJg08GjlNvmXuLNCksXaV3QqQgmdbRzZD6zveUeSqKsDvNYkXfY42Zj4Or4clYWF3U0hh4K32JwxxcEmeU8u9ZhSG-A8YkzBoenreJB_VpUXj40yutjEKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqvEWR3M-YoXLHs6i7gPyyavQCcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE7AFP0CAX5mhCDvEy2WG8_FfI9oEY6p9NGib9JNRQMk6XbUUWDgFNJxWdA8jaEoS4ro9ZLoU3TPrbRMUhgNls6OiqdKAjxuFm1NWF6HBohKyIzw1prhZokmcKTEBzDCo7qe5Mh9_RqbzvIL2ZSQG5F0YBfsta_XETVyefzhLxU_cgGW8MO8wMg77wtIjeM8tFfuxV6ruKcOAmkhieSDZ6iHdnY3BGjgXbvB9qLjxIkLRmgqWPJWICtqsrlON35GhAGd65rVfqmYUt07sPdTxL2f4g7mieKIOBADk7igJ59KCVO_mt8a3xXZEyRCI2YIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2dHlCktGDcZh-H3VWm148KxiFGsA%26client%3Dca-pub-5933362346886566%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5B23 2 KB
1 KB 58ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5B23 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 5B23 507 B
835 B 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 5B23 43 B
349 B 162ms
38ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=cdOon9_jarZdncOBluTGW7awbY2VMg5F0AGs16mxWsx7CgX31xqjHY4NVZpTVfGYX1aRkf5SgHCDYhuMroveJ4IPOs5UGKCOiR9_I5tKH02_XRRmezLmnHKM7-qZzaKA4YuM99iNDnUsDfSE15I9hAULQATWEdRkYKVVOQ5L9egsxwBLdcv4aDMdLUhjnZ8Vp0NNK26opWPCIJ_XM2z9mDxKYBxNNdVVFh3ArhGCxb7k2sEvJ3DFxsYUp83-kqLxrMPAA2e_mi5rN9R4UtojL5jRBJvlpVIDuVqTJPHaahjGfI8LqqM0VKF3xIVsQFx7H7eF3g6UC9GIvWxL2WtLhA7FKSt6hAlxJBZneuv4R3fNnfN0DMe2-LIUtS6S2siOsSH6A3iWL3v8X4ixGkrCarWqtz_sUq1BMPfPL2CYcO1FeHrL0A5kJv2uBb30aGc5KlZ6WA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:32 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 19995571
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4071457188580697868/ Frame F7D9 10 KB
10 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4071457188580697868/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b345c4c853672a5abd0acfd8d7be88176706da6752ccd8ef2d3d74e1a5441074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:57:03 GMT
x-content-type-options: nosniff
age: 363689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10574
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 13:11:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:57:03 GMT

GET
DATA 200
OK truncated
/ Frame F7D9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F7D9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5B23 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame 5A84 51 KB
24 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 17:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 17:18:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame 5A84 361 KB
142 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 21:27:22 GMT

GET
DATA 200
OK truncated
/ Frame 5D6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60af899e7765ca75d6f4a8fda67bc73106a3816b6bce7d90a3fd31ac4b959266

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5B23 73 KB
73 KB 74ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F8135cf59197a4aaeaf077ce3c95d7012_uranium_banners_1200_628px.jpg&v=3&s=HZbeXGaHiwgEBZbMhh2-H80A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29604893
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 74492
expires: Fri, 03 Mar 2023 17:33:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5B23 11 KB
11 KB 111ms
52ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2Ffab7ecdb83454ac8bef590f953ff843d_an-logo-green.png&v=3&w=2396&s=OZcl7RubOsoJEKeV_z2yVquI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29604560
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11390
expires: Fri, 03 Mar 2023 17:27:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5B23 0
128 B 65ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=YykhO4o4rEYb-AdTGZOkYER0y9czEMu6N92vl5PtYPzGW7-hwoVaslBRx7GA27N4bHbfzZj35j4f6T0_vE-4AWCZA-_KKSoymU89cnGCvZP974zCCZf9JNXg2xBqhWUabf9Zwnd9I2jVLtHhlGVUWwhJ1utw3nurgbUdSuLh2nRrOOFsJVq3wA_skd5iGfaSHqygKZvYDNXgD3CZPx5kiQAmkF8mO5AdzX7ydjwedUCUu1wZIKsXZNteS210cHWzSH_PDR5EcuggSTBM&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Mar 2022 01:58:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5B23 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5B23 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 96ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/ Frame 4985 10 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Mar 2022 14:54:33 GMT
expires: Fri, 08 Apr 2022 14:54:33 GMT
cache-control: public, max-age=1209600
age: 39839
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/ Frame 181D 10 KB
4 KB 46ms
43ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Mar 2022 14:54:33 GMT
expires: Fri, 08 Apr 2022 14:54:33 GMT
cache-control: public, max-age=1209600
age: 39839
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F7D9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fa6bc24867efad75d5b13f55462f378808975ae603be2069365649f58f64be0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D59A 0
0 186ms
80ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8bL0jg0pL_N0a8li22Aq95Dvm5JFqaIei8rdDu82PY7qlrQ3CODtqXj6Ctar20JVLr3ZgsD6i-tQEjeZcqkT5cS1KOtBKe3u2oZciRPClXuIdTZ-4FKVOX7CtcQ8AHtkhV_n3AoCEVlKqxindD5jrXheuuoN3-4917pVpJ9KjHycSWxqjD1AQj4Z33GVtw3kBAOZM7_yM7Inn62thknRbWCAFHuuOtsxSacwH662zmU5tYnjx5mRdx5_-Jog5sKXFt_Qv8BhrWebqZgIurPui-uwHmX9oUUczglKue-U3WNQMy7nBKoaUTVWpn5P1OyEMNDA3RY8E4w_YNcj5gYxG94zwM6bo2GtoDbOBGnL0i5I9pWvhOuj4VnliOuHcdHjfGQ_DC9MIAEgus0sSOfcXxmBTnOGykfXCY8BfTTVentiK0spE7Z0zCJSfSOOEsC9jRVQQ6EFvQgJ2RILd_6csKro1o5WduSmzEL5SNdtSSJRYBbBL8nvf1Wc87OOcnaVXhMwF6kQk5_auubbx_YAlEYrmPPaOdw9dYDmtSRDcf5SuzlUwVLlyR1CjtMHJ7-iZL0e63wMgTxQkx2sx19ulGfQ9DMrGlzWPDOBBQHqa2hHcW-jfg2401RBKNmwFugc4xt2rrlyKsn2dtnRMe0oLlH27BCT_AHyt_gdh1rPXZWx14ywYgNArDSRhujCIFSQ2cmBHOt87NKqJTq5uHCiq7XLoSSsCpQOp2d5MRc9-eo1Dl-0CP4iJ7dzxdCbKIMqRROjt1dW5wUryOzl7BQOAbAk6jPT1-l-shxLGzIGHSn0d2E4O9Bmhbygk_YI0EBfTu-H7eX1Hv_MQW4onCaXhGJL8nCmQLgyzddtqOZl0Uqoi8AeAWFaWH91xABBNdSDUtPsAEG58LgYh2Pn79cXc6vmfgmp9D6esVOwzsn_dPVefgzfbN8pSPs0_K_92GwmC-_NxWxjoD9RbtNkd81x9Gd3dHJ5O3lzyrWKbM0DrVNEMw187TjGZCZ5Lx9IqYSCWil2DU53kPR0&sai=AMfl-YQdcWL96o9WQmM8oL7Q7_K8Vw8-HiXeCwX09Q9ntmzL86Q6CKw7VBf34Q&sig=Cg0ArKJSzCVNoUPRAaDWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 26 Mar 2022 01:58:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D59A 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame D59A 32 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a832c4111e0b3790c12bbeffd2ab3edce59cb14106de52e2b080062e3e78f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 22:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 4486095307292073227
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 22:20:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame D59A 2 KB
1 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:41:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame D59A 15 KB
6 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:36:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D59A 119 KB
36 KB 96ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame D59A 19 KB
8 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:56:20 GMT

GET
H2 200 15448510939693400268
s0.2mdn.net/simgad/ Frame D59A 17 KB
18 KB 166ms
39ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15448510939693400268

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1648259910&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648259910342&bpp=2&bdt=294&idt=459&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=5227603444517&frm=20&pv=1&ga_vid=2002031068.1648259911&ga_sid=1648259911&ga_hid=1228589461&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065832%2C44760495%2C31061828%2C31060032%2C31065550&oid=2&pvsid=1296271816166101&pem=875&tmod=1208735715&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Q1hqQWhw7h&p=https%3A//mkomsel.com&dtd=467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0af5c4eec37a645321c2ef51c7b9b24d948a822d9882a2f84ccb5a9fb1a22df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:03:01 GMT
x-content-type-options: nosniff
age: 240931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17397
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 07:03:01 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame F7D9 28 KB
28 KB 90ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 270710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:46:42 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4985 4 KB
634 B 97ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 00:49:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 01:58:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4985 205 B
229 B 44ms
43ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 19436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Mar 2023 20:34:36 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4985 604 B
628 B 44ms
43ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 00:28:16 GMT
x-content-type-options: nosniff
age: 5416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Mar 2023 00:28:16 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 4985 19 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8226
x-xss-protection: 0
server: cafe
etag: 11792478805792993122
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:08:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 181D 0
0 83ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClgbZR3M-Yu7XHsjF-gbPtofoCsme0rFctZjj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE5AFP0JTcYjkO0YRJ6XwXgQd-GVcWq5oq5SjoNUtFMtvzYYR2udyPrb72EjbzJNz9IuqTJ5u7o0cKLUXZqvSxOTFEtmrfYRnqe8UKkJPYA8GuQD6sW-jTP_SXS7_LgWZF7yjuPbdeKXrmVQiZMDJpbitflJ0QUXeJ9Da4rbb1KEWZJN92EVatSOO5ZiUTvvXfBo-luFVM3LW2FknRMPJQDkijxQ9iyaCEBTW9YlMTZeG3eifFcoT2CPwDAQ5Padi2clUM8CFLeiBJRA7c-XY1DYP9XTwDSiyRPzUSJl7Qg1-OfixWv0WABpqUjfnVkoTTvwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTMzMzYyMzQ2ODg2NTY2GAA&sigh=slYoaRWIuD0&uach_m=[UACH]&cid=CAQSGwCNIrLMhlVZsqCtkeAE0l_8PfIIG75lxYy_eRgB

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 26 Mar 2022 01:58:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 181D 0
0 18ms
17ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKzDEsz6RO0HfJ2DYgICAAAALl6IzFZz1RUQRnM-YvY6uZ6NX5Z-53rqABI&wp=Yj5zRwAHq-4K3qLIAAHbT3z3bX6fnYC-Tj8VRQ

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 273413
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3F58 120 KB
42 KB 41ms
40ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHq-4K3qLIAAHbT3z3bX6fnYC-Tj8VRQ&u=%7C%2B1lgGC2AtRSmiVmhfa%2BUGNb87xkGBMTGGmgP2HPV4%2Bc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwA4SJz8qKbOJFXishzca-KHRkTJH3wmadDWXOgT0AdCOAT0pkJOIhBFiks5KbJhjsabmR4AaAjOPtLWb7ZcA7SshRs5Jxqhoz14yW4JhyH-rTsQqvnIIjw7wZVBGh_0O84WcikQFa1iBXOZegXXjr_xC2gC2f-M4Jh2Qa1-8CPwnd0WnANJDkzlvsvE14F0NUgc6VRiiRPZxkiT3lwfvjplGt1syOVsUwvrMXCeW-ezO_LzPHJiZnP5dmoL1HX3di1DfGZk1rOVKgjplc3jR_CaT13QV8rCrDGHe4oJOVGI48c0ky4Tswf_MsIuucNz9v3UGwFEB_qvGt_OWDHztsF7deyfWSUdggQ9nyk2y5-KV5Tl0e7L04Ojxf1v5EwyUkRiSy7xZxXNA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKe9R3M-Yu7XHsjF-gbPtofoCsme0rFctZjj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE5wFP0JTcYjkO0YRJ6XwXgQd-GVcWq5oq5SjoNUtFMtvzYYR2udyPrb72EjbzJNz9IuqTJ5u7o0cKLUXZqvSxOTFEtmrfYRnqe8UKkJPYA8GuQD6sW-jTP_SXS7_LgWZF7yjuPbdeKXrmVQiZMDJpbitflJ0QUXeJ9Da4rbb1KEWZJN92EVatSOO5ZiUTvvXfBo-luFVM3LW2FknRMPJQDkijxQ9iyaCEBTW9YlMTZeG3eifFcoT2CPwDAQ5Padi2MFctYqbE5jP22Bp_KUuT9YrpV4oJZDQTi_0vgKxvnXOW-4bSrPqzsVKABpqUjfnVkoTTvwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22MRdYamB7vmWmSaEGBL7zU-cBBw%26client%3Dca-pub-5933362346886566%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bcaf3470fe19396df55cd1a83b5ac1e2a33aba8cb8875b3a18b28f4022e7ba40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kU_1Doo4rEYb-AdTGzhWmLSmYf5rbOUyCQjgQL9mr7bBjqtJkhbDoFON-k1NL9g0kjfn-hw1Vv5JsVnGUyOyaLMq33_94BTgLi9ONyXSylynuxU_EqgoMp0r9sETxFsJfAOhrodmZOKKzsHe6uNLpNGrwB-mEnpmgCAkoNBMA6wiN5fcLwhZ7lbTBUon_jfgfdsTR5QuFmiXXWPaZ9BYPuWRY0So-wVQ-r19vE2Mtu-t24fKQPCxBMMVXN4OCCLGprz_xQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 22514761
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 181D 2 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:41:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 181D 15 KB
6 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:36:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 181D 119 KB
36 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 009E 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 145444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D59A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 029655d02a17be59d3ee3d46b34d34b61239b53c56681a9f96cb845db811e4f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3F58 2 KB
1 KB 20ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yj5zRwAHq-4K3qLIAAHbT3z3bX6fnYC-Tj8VRQ&u=%7C%2B1lgGC2AtRSmiVmhfa%2BUGNb87xkGBMTGGmgP2HPV4%2Bc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfT3LlPWilC1lfUtI_BrZnwA4SJz8qKbOJFXishzca-KHRkTJH3wmadDWXOgT0AdCOAT0pkJOIhBFiks5KbJhjsabmR4AaAjOPtLWb7ZcA7SshRs5Jxqhoz14yW4JhyH-rTsQqvnIIjw7wZVBGh_0O84WcikQFa1iBXOZegXXjr_xC2gC2f-M4Jh2Qa1-8CPwnd0WnANJDkzlvsvE14F0NUgc6VRiiRPZxkiT3lwfvjplGt1syOVsUwvrMXCeW-ezO_LzPHJiZnP5dmoL1HX3di1DfGZk1rOVKgjplc3jR_CaT13QV8rCrDGHe4oJOVGI48c0ky4Tswf_MsIuucNz9v3UGwFEB_qvGt_OWDHztsF7deyfWSUdggQ9nyk2y5-KV5Tl0e7L04Ojxf1v5EwyUkRiSy7xZxXNA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKe9R3M-Yu7XHsjF-gbPtofoCsme0rFctZjj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MzMzNjIzNDY4ODY1NjagAdW20uoDyAEJqQKNYEMGJ22yPqgDAaoE5wFP0JTcYjkO0YRJ6XwXgQd-GVcWq5oq5SjoNUtFMtvzYYR2udyPrb72EjbzJNz9IuqTJ5u7o0cKLUXZqvSxOTFEtmrfYRnqe8UKkJPYA8GuQD6sW-jTP_SXS7_LgWZF7yjuPbdeKXrmVQiZMDJpbitflJ0QUXeJ9Da4rbb1KEWZJN92EVatSOO5ZiUTvvXfBo-luFVM3LW2FknRMPJQDkijxQ9iyaCEBTW9YlMTZeG3eifFcoT2CPwDAQ5Padi2MFctYqbE5jP22Bp_KUuT9YrpV4oJZDQTi_0vgKxvnXOW-4bSrPqzsVKABpqUjfnVkoTTvwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22MRdYamB7vmWmSaEGBL7zU-cBBw%26client%3Dca-pub-5933362346886566%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3F58 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3F58 308 B
636 B 16ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 3F58 507 B
835 B 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 3F58 43 B
347 B 20ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=tsxl1aj-_nUTPhwtB1-SiGYmvmumoZSYalx6VhDLWm3qo_JgoHYhPQrpG2HT5mDkiI3jZklCwGHhTt7DFBV_sTJbNr36TGCOMDBae9aPQSz70vKjnNfUX8OsSVe3TIzGBVyMJ_FkOOZVB3pO_39lFT0o0lzHPCVgQWZgCYQRowTyGG49ccAzvG8n-y21N8HAjuxXRI-a036ch8kLVBOnMfS4diWBKWCt2QKfG1vS2UyhMgIHRBvB0iPobUKWyX7ZRrdDtcXx_vAOXtF278sTPW4b7mqUGKFm1G14MZuoGrj6x4HcrtfIAG1WRG5tVNbEDeDUEXBF8B1ebsH5G6dgqD8X_kZANF4vmT4h88hAGiLtvlugt28YZxhYSg6PM9YnatAFnUlxBAfZanODfYy8fENmL4_xLXTQVwGwyLhStg2QIGcZCmyiT2156KarMxHurwjPsA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:31 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3852490
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame E16C 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 12:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 12:47:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3F58 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
DATA 200
OK truncated
/ Frame 181D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62b9bcbeade5704d3203f27097b8080c9b13a89742e4d5246ad046acdece3338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3F58 73 KB
73 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29604893
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 74492
expires: Fri, 03 Mar 2023 17:33:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3F58 11 KB
11 KB 24ms
24ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2Ffab7ecdb83454ac8bef590f953ff843d_an-logo-green.png&v=3&w=2006&s=FXaOYEou_EGo77QKis9ZgFlW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29604560
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11390
expires: Fri, 03 Mar 2023 17:27:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3F58 0
127 B 17ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=kU_1Doo4rEYb-AdTGzhWmLSmYf5rbOUyCQjgQL9mr7bBjqtJkhbDoFON-k1NL9g0kjfn-hw1Vv5JsVnGUyOyaLMq33_94BTgLi9ONyXSylynuxU_EqgoMp0r9sETxFsJfAOhrodmZOKKzsHe6uNLpNGrwB-mEnpmgCAkoNBMA6wiN5fcLwhZ7lbTBUon_jfgfdsTR5QuFmiXXWPaZ9BYPuWRY0So-wVQ-r19vE2Mtu-t24fKQPCxBMMVXN4OCCLGprz_xQ&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Mar 2022 01:58:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3F58 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3F58 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Mar 2023 01:58:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B07 8 KB
892 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 00:06:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 01:58:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1B07 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:57:38 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 1B07 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:56:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1B07 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:41:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1B07 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 01:36:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B07 119 KB
36 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:32 GMT

GET
H3 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame 1B07 28 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:20:34 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 009E 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 12:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 12:47:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9329 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sat, 26 Mar 2022 01:06:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 9439
Redirect Chain

https://web.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%...
https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%...
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkom...
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkom...

145 KB
33 KB

143ms
142ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=53f3835f6f9b2fd0fad8782f7002fdd8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4767edd7f78957d967010ba1972dbf51163ef4ecf8586428479b2333efd252c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: NS0SBE1LpJ12sVU6EORgqt670z5M80cQpLNPlCP37fdcwIN/UA+Ta0R5dUZgJ+HRk6HdPw52S82oir1qnScMwg==
date: Sat, 26 Mar 2022 01:58:33 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: GQ4spYJd4bZWtt6lXay2Ulrz0h9ZQXqY10x56DU7kGapi+O2E2CrAsUg6pIJVoS7M7q2kZLZ6qDaUat5+sefTA==
content-length: 0
date: Sat, 26 Mar 2022 01:58:33 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 123ms
50ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eca478180950074f516a7d6b69e0533e3f0eecec4b298e57810e469f1231bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10614
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9329
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Mar 2022 01:58:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Mar 2022 01:58:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Mar 2022 01:58:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame AF41 35 KB
13 KB 54ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/nYxm3AVhOgDZh0x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 12:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 12:47:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 01:58:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 009E 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3kvtR3M-YvrMHrOax_APmP6ssA4AAAAAOAHgBAI&bg=!b2ylbCjNAAbzJazn0yU7ACkAdvg8Wv5uJe8kHrDrllq4yYniAK-XfqWQcHA4zLxU86na54k83fgWOwIAAAFUUgAAAAJoAQcKADBIPpFS-TkTMvCIBNGAk2O5fB0t7fK4pEo0ltwnVfIJR6YM9DbVLNFu_kVDxZTxs2aZAwyxy_FBvw2uwod9mJhIvCTQfMcxBKm0L_RkTlC4zy2JYA1O9dE907-lMRgc54Tu4xLI5rOMEiU4FpRtN2g39H93NTvyKrH5kNjOqg_jcftFKyRvpJjVmJWpBs03Tnnrc3wtcbxvxLKabLKFXd8c-uiphSnpJU5hnN-zQtqcIcnG5NjoTqHI_U89tk-xj13Vm2HrpwrITJaGUq7Ff8UFiK06Kx8oWLyqRFijrMu0NgZ5RzVQuOds0tqVL9Lnl7hvNnXmPIUfgd7r4UotnOaI5EPCg3sfeFKbmh5JwcWXadwNp198pYQbtKCf0wZe_2jpeX4_oQ2L1puzFADBtmFgG_OLY2ZOme26toZOeiv97HPcYPgoJG_FSt-frgvNRkUJEfZn_7BwX5z0ybg9PbMjI51ntTxYXhs-YEHprLSKoEKelxho2YwFzZi-eZOqifJTTjqLlEPlJ3HitFDn8ICnPUQ8zJOgp9SnixXZxQm-w9-y1BPgFqwBcrfEpwc4BR1letM8CV7XScQevnXoRUXITQn9QK3ylDmfbYhtzivRDnWIVubEUrvJim14iAWs5pdsLxat30fcJlpVIyH8vkRHWLgs84HuUrD33eibj1rn8Gb1Il9cJnru0hhA2whnA-VXOz3B9nQgicEPnpu3OYPvSgjyPh2joEle3a-G4_FWRnaHij6zrsLnp48IXYb31R0lsaJ3yHk1HEQRn3Zil_A8kuF_lc3LFP0Mzt22FX1OhsuF8MkQo1IlBV7sQQ-mqqrgA3R2E0g7i-jw5jCNWH6O679e8TJ9V3aPVQH_yhcWcntOu67n7BOcc9DJfw7svYzCtRnkXwtqOfwxL8q8nDWeVF7Uoqt3YmuDZSWLPA2FlEbYUA1tCCEusCuk56kg4mLGDLdPcjKiQEWTaJdUOmI-6Ksr26wCaPI8arsAYF6Nh57Ume7ZwSVz5_j8q8buQAJ5sG-AVRfPXTq6mBSqEoRpUl6Jg2nONbox-qcIKm5OIOeHWL8Xo0lXzQd9krIBSM4RtJuMYL72xeywuyV760U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65DE 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Mar 2022 17:41:57 GMT
expires: Sat, 25 Mar 2023 17:41:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 29796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2548 783 B
534 B 52ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d41680eea1adb45e65db92b3732a18c97c7a5ddeabd05061f18b503a2e2556b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V1Msd3hhwRTNMPp322Ihuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 26 Mar 2022 01:58:33 GMT
date: Sat, 26 Mar 2022 01:58:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-V1Msd3hhwRTNMPp322Ihuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D6E 42 B
64 B 72ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssawS1yo_hKCI943CcNGzIHKVOh7i1iMe5x89jhQPg13s0sgTwijZbD2ucS9Sr9GdbuBuqwAVZahbzvmKmLOq-Nw&sig=Cg0ArKJSzKsuwpnU5KOrEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=0.49&if=1&vu=1&app=0&itpl=20&adk=1855931090&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648259910818&rpt=687&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 65DE 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 12:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 12:47:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2548 0
0 53ms
52ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=1296271816166101&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 9439 705 B
667 B 20ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

879d96944105ff807c48acdce8eeb7ded4a833589428eebcf05853b990500c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vpP90KyLmQdtTXYLZU0Jjg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 378
x-fb-rlafr: 0
x-fb-debug: LvfgGwC/ser5bl9fcBpCUj9k9CH5UPVUPzucNNR8Y8ZuO+RiyQWxGgYGxHx+QqA8S4zeScPCTylpL7/KhI5CFg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 19:41:06 GMT

GET
H2 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 9439 125 KB
20 KB 19ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: QEoXAtF2ohYbztFaz9QbiKlL2QMc3VOAS1tgnUCqEGGsPxgkwbbH4RnlhhuYJCdrLhShjUZwtyDkVzPMxAwzLQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Mar 2023 09:47:18 GMT

GET
H2 200 _RlnFb6YbRm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 9439 307 KB
83 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/_RlnFb6YbRm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c376014be979d78b7b6a1cb77ceeb4dc39d4762316be13e286ab9627453a01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Wz0fUq1S0PlSuxLp4IT46A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84480
x-fb-rlafr: 0
x-fb-debug: AJ8isJIvq5d3NPbQBucLCVbs4utpEPQQ6sAJdzQGtWn/z75r6f7CU8eqU6+3yxE0ChGjMV074O8xGRjb+mccLw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Mar 2023 19:29:42 GMT

GET
H2 200 rIfYRbts4s3.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/ Frame 9439 156 KB
44 KB 32ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/rIfYRbts4s3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d85b1a1d64df4864283faebc3d00199666fff929a209f741e6b318a9448cb032

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h718P4tWKs7xuy9XOz6+7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44426
x-fb-rlafr: 0
x-fb-debug: /fsXr4EK1pHP8YzDYdK5+kN1a2hl1pjuTPF93y1xJbbn2loNGKcP6nkkDdmafmnkyWhc09mJOcuY4ouT4D4zYQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 24 Mar 2023 19:34:05 GMT

GET
H2 200 DPU9FVzFqgx.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yw/l/en_US/ Frame 9439 1 MB
333 KB 31ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yw/l/en_US/DPU9FVzFqgx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ae7502d8919d352606b9493afb95f83b9c6a84253791be6de3e6704c69211a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ac7u3WWJP1bkVqVKpvf16g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 340512
x-fb-rlafr: 0
x-fb-debug: msdgpZWFaDgfvBfl3tXOIifNwT96ORRTV6JWuVBA6b9ts9calfFdK+TVbHh2hEIKjRT1DWHTKSuAHoZBHupZRg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 25 Mar 2023 15:56:37 GMT

GET
H2 200 rAHOJhbbO5R.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9439 36 KB
11 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/rAHOJhbbO5R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe5e4ee79f114a995689f21597a04b4f7672d8b8cfe525bd4e40461a800ac816

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JgVrEK0E6kYcgKQoGavuRw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 11301
x-fb-rlafr: 0
x-fb-debug: /nz1HRSeBdzvf6jPe6pLm0r2JnksNz+jhY+HJ4UQFAxtRtjFVAPI1hatode01tujSjhou7q5+EmfKftN4Nj2Sw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Mar 2023 15:26:39 GMT

GET
H2 200 jFADBD6dLLg.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/y5/l/en_US/ Frame 9439 41 KB
12 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/y5/l/en_US/jFADBD6dLLg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

127afd5d44cda999547cc478804305c788a40f24910debffedff269740591543

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C1XSG19xHpfoR572Q2c9KA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12322
x-fb-rlafr: 0
x-fb-debug: IVHZnYheTDGpKEABYaHmcHi+uIp73v9dWXyoKFCbdWo8PI8jo/yE5lQmO+cJRpR+20P7dchFpd1Tq4dcGqlmyg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 26 Mar 2023 00:59:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 65DE 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CZrINA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9439 251 KB
251 KB 17ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: 7fNP3+FxSit2co2v2rQJUVHESYPyJE5LHrQtDluqqbmP7krHxrZ30brOLAQVY4pbZ3+Yn06ptn+YsDrOzNEkxg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Mar 2023 15:54:37 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 9439 1 KB
1 KB 12ms
12ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: FwiRObiN+CTzaq3j/wsATYwXuDM7wQnZ+NOIdTOLDojmAi1imKG9XGWL1CBDgHZMlpTrgN2nVipAtYni17/BSw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Mar 2023 15:55:27 GMT

GET
H2 200 89237274_199401321407673_1914957069237092352_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/ Frame 9439 1 KB
1 KB 56ms
16ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/89237274_199401321407673_1914957069237092352_n.jpg?stp=c0.6.48.48a_cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=lCzduEurfq0AX-xSGkA&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_so0QuVOXtsIuY24x_WukF8_x-kdCSwzeEBHIMWUdvVQ&oe=62639BE7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c110817a7ee3e46a2597fb06e3c510b9c341cc0b75f6c8d9304eed3ecfcd439a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2372678107
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Wed, 04 Mar 2020 09:37:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2349701980
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1274452765
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1329

GET
H2 200 271729580_1634202806919771_3452141047080319182_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9439 2 KB
2 KB 56ms
15ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t39.30808-1/271729580_1634202806919771_3452141047080319182_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=wV3DXvhsrmQAX8ec5yi&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8cBDwdBYBOGa9Rry2CCv7A8fVqTyIrmW71ag_hFNylQw&oe=62441FF8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 85ca972b26fbec358dca1effe783a45a45cea9f64307a6b10a1f234f72595d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 557288316
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 10 Jan 2022 16:24:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2711224702
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2249446989
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1568

GET
H2 200 84241059_189132118950875_4138507100605120512_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.30497-1/ Frame 9439 943 B
1 KB 55ms
15ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.30497-1/84241059_189132118950875_4138507100605120512_n.jpg?stp=c14.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=dOHsnNjbLAQAX-yRXMq&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8ap_svderhyvDAEQDyqlvPH2_HGLHmssP6dXgowAOeCQ&oe=6263D911
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2005931516
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Thu, 30 Jan 2020 18:41:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3648183006
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3771084146
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 943

GET
H2 200 275001332_633800434579711_4048608677718661658_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9439 1 KB
2 KB 55ms
15ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/275001332_633800434579711_4048608677718661658_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=108&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=XUI-qE1mFTUAX_ZfDzK&_nc_oc=AQlvqbdyBNpkMVeFpvJ5iL70dYQWsznsZufTseyPvaeW4lGAgOTlQwGDa3jW4eDt_s-pSUHXgD8RFLWqA6JkuL_l&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT836i_MGE5KIG3C2D4LYkSlvETtb0zrw_AdkyaJLO0pEg&oe=6243B179
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5f39e147d7927d205cd3bd1c5d8eee7b567e9c1712c8d8e8177ed1a6ab789a6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2587661278
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 28 Feb 2022 07:13:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=114670001
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2045543918
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1388

GET
H2 200 128344986_375597040380730_8087103139144296435_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/ Frame 9439 2 KB
2 KB 56ms
16ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.6435-1/128344986_375597040380730_8087103139144296435_n.jpg?stp=c28.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=6iB3mhKuSRUAX_YlZka&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9vhBQf_sOM6Vf6nO6vTIay9pimgVXlMJtd7JXd1C-hzA&oe=62625C63
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 45abc56fe26e7947671e5f0888560970bee2253ec99cd8cc6e0162044448f99d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4091251478
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 30 Nov 2020 03:53:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2318737400
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 152247721
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1599

GET
H2 200 84628273_176159830277856_972693363922829312_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.30497-1/ Frame 9439 933 B
1 KB 56ms
16ms Image
image/jpeg 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-amt2-1.xx.fbcdn.net/v/t1.30497-1/84628273_176159830277856_972693363922829312_n.jpg?stp=c14.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=BPeFdOTjXCEAX97Cjvg&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-4eyruGxT-v3C3LUBUISP5YWRBm9cXL0I5xgk9qajALw&oe=62658619
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217a6fad1c7e14%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ffa4e49b885c7c%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FnYxm3AVhOgDZh0x&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 70fb525a16e78790077d0aea043d7ce48c787ad971d99262ea9b19737ac70f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Sat, 26 Mar 2022 01:58:33 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=582736489
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 933

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7D9 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszZ09SZ6huudDDBmT9NhCjn0jaBJDY_D5lFi6cQxW9oos5_8B37BYspCsHidrWmoyfwolbcoWm_5TCq0fVpjS5FSPdBoWanVemhctQ4Kx66bj8YyA4DQ&sai=AMfl-YTT2OSqFxEdhbBvkyo0BNny6jslD1FNA7WF1CMe07dvWaKrBRpkDzC9kmKLZPGWl9LwM9besWsDwpLv&sig=Cg0ArKJSzHWddUVumyQNEAE&id=lidar2&mcvt=1088&p=0,0,135,539&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1847874569&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648259910797&rpt=1080&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D59A 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbNpQrDPcpJZq9EX8Eaizc0XZttFmxL_iVb7dlnJOzQQJv9L_V11QlUNhy_3sTzoabNsC7oCnAtdE2uQuMqufPK-PnV16Sz2ZXUP-L1Ik9ZD7QWZrkE9JFVOyviWLT9bb9-uZBQeGQRBFKNz24ZaLfOnv7TLCzc1f3_LHD3zWwlw&sai=AMfl-YSDHE-T3Yf6CseU70jkHq1Zz9Q70WT01134bf_p4zo_Gf8PMC-Rkw8UMFsiO4J6kdNr2lIUDJAxp3up&sig=Cg0ArKJSzEROzZHnc6LDEAE&id=lidar2&mcvt=1023&p=0,0,280,336&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3675393043&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648259911676&rpt=256&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 181D 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyGN8IRVHmwDnf2BR8EoZ4iTOkoSjngLPOSDl7_YWqYXuMvrRfiF54BDiggMMgqVE12wAEV8V0Xu3bRbHrUCQ7AA&sig=Cg0ArKJSzIOEm08vy2UeEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=45,751,1001,1067,1067&tos=45,706,250,66,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648259911660&rpt=292&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 01:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220323&jk=1296271816166101&bg=!KyilKGzNAAbzJazn0yU7ACkAdvg8Whmn5lbYotfpCviDGEu21zN09d0h9Tq9YQbx_Fnj5_YjYkGWsAIAAACQUgAAAAJoAQeZAr7bLnPmUGQV6noGPaomXD49Ds_ih_Qa90BtB0fxIn0J1EHvtOCJgtAk3bwCzdAC39qvYYUjupJyittPtjNTx68IxscW3KfiYlNSgs-uzOJ3XUCmHg5YlmdK03xjW7c1l8LhDO-3mbYyq618pWL1Z1M1QTxpl_MLTqR8f9jIoAaOaRCNvm3mpj791iVB0s25s_kmP66taptEpbUwATsFHPj6o11gzPEppE3tnwLRnvjST6Pu63-Ejq5CRUUOKB7KRfkfP3LSeRtDXaO7td1h9qLCr_OvgjJm58Rg8gOUozkY7rv-ss6OI24IUOIsEKf3igeliBqp9xvXPSBz3GuCofhuDzAJoR6XjcEVLHxkRLuhQScxayjXowaWRcyCkh5U_T7zp4zNdJC955pOdaaMlsLPAeRwjrEYlYjg6JSTmt4YTX5Mo76wyodbVJNAa8jtam4RXRBYwWgCI8duoo3LxjDaxUstZ2AQM2wRKC0xLfmra4AHFmQb2eNiSJ93Bc0udMcIpFEm7nJ243oCi9_ePB89pt7pFHhdCA8QtLm_-Z90Ui6EZpAH6c9fQ4FLdISJtjBeF2Qhx-k6eklJEJwBgQWfLvyDZFY0cXxJhhaMyolB8TnabX8IKGazieJrTr8Ilsh3ma_7smmmbqbGCtigEq17gKAANcrL2teK6vCqQNM-h7-9SUTIK-ElpHspKYU8mjEagt9V4Qa8AgpBz22O3JMfq6pgx_UUWtKT2pj6wXj3yoJEwPRFMnoihH9lAi9w3Yg5SvqT5UnTrkGZEyuulVff5KUeEHT19BvClAZe6PWmPdssRiev6fnunc_Yy5hht_PmnaLLCPZ1G3IAng4I3_f-nlMjw0Q7LuHIO17I_8aHt8h8KKPE2dqf7alZOwdsKABbSKnBaM1jgdDmuvuepRMv9Scj04EyEgqv3BDvGLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3F58 73 KB
73 KB 16ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 01:58:33 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29604891
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 74492
expires: Fri, 03 Mar 2023 17:33:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3F58 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Mar 2022 01:58:34 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safefileku.com/	1970-01-20 01:51:07	Name: XSRF-TOKEN Value: eyJpdiI6IjluU1A1Ry9NMEN3b1pva1ZQU3JseHc9PSIsInZhbHVlIjoiTnI1a0l5dGFhbVg0ZjVQOVZpNUloMG1uU0toVHF3TFF4eUwvdzBPdDNCWFRuYnFURkRRS2xjUXpDL203WEpRcitrUFZ5YVRETzQ2aWYzdERuWWJ4TGdTZnBTREgvRm53c05iQnk5NjhhaFlnWkdiaHhCU3NDMGxkZS9OdWZrMCsiLCJtYWMiOiI4YjQ2NDQwNDI2MDI1NmU5YWVkNjRkZDljMjczYTg1ZGY3MmQwNzYyMGFkYzYyOWE2NTAzODYyY2RmNWM0NDM4IiwidGFnIjoiIn0%3D
safefileku.com/	1970-01-20 01:51:07	Name: safefileku_session Value: eyJpdiI6ImNudnJDMVoyV2NUejhMZ3R3UWRNYmc9PSIsInZhbHVlIjoid3k5RmRXYkRKZUJ1RDY5Z3htYXk1elV3T3lpZE16azE4SFZXbjFWN1NLOFBnY2lYWGxyb1lCQ0s3cUxiZlZlQmhrN1paN3g3YUVZbUhLR0dXWWdDcFo3aUxiTU1KRlNPSkZiSnJuN1dvLzhFUUJBREpMbU5mZ2p3dHRxbkY4dm8iLCJtYWMiOiI3OTJkOWEzYjdlODkwODRjMDUyNTgyMDYzNjU5OTRjMDVhN2FiMzU3ODNlNTg1ZTRhMGM2NGM0YTgwZjAzM2MyIiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 01:52:26	Name: visitor Value: eyJpdiI6IkRSN2xQSm9HanZrdE1wZnlaL2dDbmc9PSIsInZhbHVlIjoiaGVTdlR1V0ZFQUxINGdsRjZ0YkxyUlJ6NVhSNGx2N21oNE44dFNQNzhpRnBWTmRzUDBnVkxMdForempqNzZWZiIsIm1hYyI6IjY5OTExMmNjMmViZTFiYzljZDJkY2Y2NmRmMjgzNGFhMzlkYjM3YTNmNzY1YzU5OTA1Zjk0MGQxMjAxYWExZDciLCJ0YWciOiIifQ%3D%3D
mkomsel.com/	1970-01-20 01:51:07	Name: XSRF-TOKEN Value: eyJpdiI6IkkzN00zNkJkWUYyOGdyK3dJV3A3YUE9PSIsInZhbHVlIjoiSTZXcGlKbncrcVg4cmNUejhMRzJQNXh5RWZZRmlRdmtaRkRDTVZla2tuandTMFhVZEZTMVJJWFF1VW5FQmE4ZThlM1BxZllCSktFL3VwSkVjb1NRVk9lUVhWRzJMRTczd0hLckNqc01yR1pWQUgrcUhWcGh5OXhHV1E5ZjFEYzEiLCJtYWMiOiJhNThmZGUzZTQ2YjRlYjY0MGE4OTFlZTZjNTI0NmM2OGRjZTM2NWZlNTQ5MTNlMGI3YTQ2OGI2ZDZhNGVkNmMwIiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 01:51:07	Name: safefileku_session Value: eyJpdiI6IjBiVEd3REdNT2tOVFBOb1B0b3hSY0E9PSIsInZhbHVlIjoiK1M0cUpkVHlQcUx2Ujh2RFBvMllPL2lqSGZOZjVEbTRuLzFJTm5jVUljVHcvU2RuUkx6YmQzZGpzSGpydDEyQ1IyWXJQb2lGc2ppTk5zQTk0bDJqeS83TWtzbzZ5ZkFiYVlyNmRPLzRuYTNwenUxWm8yWTF3NGRNVXl4TTB1dFEiLCJtYWMiOiI0ODNlMzFhOTJhODZiZTgzYjExN2YyNTVmNTU0OTcyYmE0ODMxZDMwMGM0NjczMWY4OGYxNmVlZjQyMDMwMTJmIiwidGFnIjoiIn0%3D
.mkomsel.com/	1970-01-20 01:51:01	Name: __cf_bm Value: lKSreBc66mFzNE2_zHo2VGVrovMeLkDHXMtO4srDxmo-1648259911-0-AYAK86ai+1aBrJ+Q4r03gdnnywtdB5aAEQF/M5S5TVhiPj7BIlHnioDKcD3CSZamVZlU1xiiBGq94KMqQtWtddXe5SE+uOHk1wdalCwOjpcH/T9Tom3fpFkP+kAIh0xSeQ==
.mkomsel.com/	1970-01-20 19:22:11	Name: _ga_J72KJ758XE Value: GS1.1.1648259910.1.0.1648259910.0
.mkomsel.com/	1970-01-20 19:22:11	Name: _ga Value: GA1.1.2002031068.1648259911
.mkomsel.com/	1970-01-20 11:12:35	Name: __gads Value: ID=a995be9420b909c8-22bf177b66cd0004:T=1648259911:RT=1648259911:S=ALNI_MZPiV-Hu1zYhWIHiWncqy6mK8W8pQ
.doubleclick.net/	1970-01-20 11:12:35	Name: IDE Value: AHWqTUnBt4XULp6OaNQE4ygz_nkEMM3E1oxP6jJoYyBfidXSsj_Q_jtVh_Qj7dB_MLw
.doubleclick.net/	1970-01-20 01:51:03	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
mkomsel.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s0.2mdn.net
safefileku.com
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
static.criteo.net
static.xx.fbcdn.net
tpc.googlesyndication.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.212.202.252
142.250.185.162
142.250.186.162
178.250.0.162
178.250.2.135
178.250.2.148
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::7
00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4
029655d02a17be59d3ee3d46b34d34b61239b53c56681a9f96cb845db811e4f8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ad9408ceb11c31b2d44a85e6c8775b3b6a969984ac028eec040312f977111d6
0af5c4eec37a645321c2ef51c7b9b24d948a822d9882a2f84ccb5a9fb1a22df1
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127afd5d44cda999547cc478804305c788a40f24910debffedff269740591543
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184f40610954f0056621e94b8aa2408d84dc408fb68f3edcb0a4e5d09833357c
1b9bbdfcb5417427c398816b9c7d1189438b0d27f4919e790d9cb48b73b4c718
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
214059461947fbf94ab7d81955f3fc36a753c9aa7f91fb6afa2df452043a5890
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ae7502d8919d352606b9493afb95f83b9c6a84253791be6de3e6704c69211a6
2fa6bc24867efad75d5b13f55462f378808975ae603be2069365649f58f64be0
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
35d76403edfa5090dee0c02fe3a123ccf9c70b36234ca3bb6dc1917fd060f88f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea28ea96c3e37d9fa0523811966bf38d99c949014e8c610ec54efe89a106681
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45abc56fe26e7947671e5f0888560970bee2253ec99cd8cc6e0162044448f99d
481089d745285c53f106da3d25ec4ac3a718506278a4f7fe9889f9c567d32a8f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d
51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
5842e16ca3635684ff7b637e1f095e52ade16412b2f79577b47934a31bd4eca9
5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eca478180950074f516a7d6b69e0533e3f0eecec4b298e57810e469f1231bb4
5f39e147d7927d205cd3bd1c5d8eee7b567e9c1712c8d8e8177ed1a6ab789a6e
60af899e7765ca75d6f4a8fda67bc73106a3816b6bce7d90a3fd31ac4b959266
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b9bcbeade5704d3203f27097b8080c9b13a89742e4d5246ad046acdece3338
663f7fb6e67a9ba9041448a241b9e1e2edfd5a8455371310210bbb8a8a8a6b55
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69c11bfc098fe76aed768458ec0843821e7284883abb6da49bba4170ba1f7941
70fb525a16e78790077d0aea043d7ce48c787ad971d99262ea9b19737ac70f89
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b8064fd4bdaf2224c5ff699569719d604034a38d3741ee693a790d1e431b17f
7e08945c4c931c60a1ef0077cf349ff919df21af43247081db531ecb052c18eb
85ca972b26fbec358dca1effe783a45a45cea9f64307a6b10a1f234f72595d90
879d96944105ff807c48acdce8eeb7ded4a833589428eebcf05853b990500c8f
88a832c4111e0b3790c12bbeffd2ab3edce59cb14106de52e2b080062e3e78f0
8c376014be979d78b7b6a1cb77ceeb4dc39d4762316be13e286ab9627453a01d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef6c023c71b3aabaecb650a4b06a8063c76577fd62f89c565247d0b134e628f
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4767edd7f78957d967010ba1972dbf51163ef4ecf8586428479b2333efd252c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b345c4c853672a5abd0acfd8d7be88176706da6752ccd8ef2d3d74e1a5441074
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
b9ef8ffad6d013726db4307bdec875c115f92aeaf826791abdb7f2792e3f7cbb
bcaf3470fe19396df55cd1a83b5ac1e2a33aba8cb8875b3a18b28f4022e7ba40
c110817a7ee3e46a2597fb06e3c510b9c341cc0b75f6c8d9304eed3ecfcd439a
cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d41680eea1adb45e65db92b3732a18c97c7a5ddeabd05061f18b503a2e2556b8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d85b1a1d64df4864283faebc3d00199666fff929a209f741e6b318a9448cb032
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec98ea7fa8c296b6a32b1dbe377ecf93a45b3290ff0fbd8b132574387fc82eed
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f201a59130873fc2a3b8ada47cba26ea9db8f1f924b344fdea84fbccf0b3d39e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5f73326ae685dbf7a5a3012bb9d4d325d5cd60a0488302cb004f76965b007bb
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe5e4ee79f114a995689f21597a04b4f7672d8b8cfe525bd4e40461a800ac816

mkomsel.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

100 %HTTPS

79 %IPv6

18 Domains

29 Subdomains

28 IPs

5 Countries

2707 kBTransfer

7292 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mkomsel.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

29
Subdomains

28
IPs

5
Countries

2707 kB
Transfer

7292 kB
Size

11
Cookies

140 HTTP transactions
8 data transactions