urlscan.io logo urlscan.io
SecurityTrails logo

safelink121346993.talentsite.my.id Open in urlscan Pro
188.166.216.89  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://safelink121346993.talentsite.my.id/
Effective URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Submission: On January 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 29 HTTP transactions. The main IP is 188.166.216.89, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is safelink121346993.talentsite.my.id.
TLS certificate: Issued by safelink121346993.talentsite.my.id on January 13th 2023. Valid for: a year.
This is the only time safelink121346993.talentsite.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

6    188.166.216.89 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
safelink121346993.talentsite.my.id
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    139.99.122.42 (Singapore)

ASN16276 (OVH, FR)
PTR: ns548190.ip-139-99-122.net
safefileku.com
2    2a03:2880:f12d:84:face:b00c:0:14c9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
z-m-static.xx.fbcdn.net
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
web.facebook.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
11    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
2    2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f00a:e:face:b00c:0:3 (Kista, Sweden)

ASN32934 (FACEBOOK, US)
scontent-arn2-1.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
15 fbcdn.net
z-m-static.xx.fbcdn.net — Cisco Umbrella Rank: 84762
static.xx.fbcdn.net — Cisco Umbrella Rank: 811
scontent-arn2-1.xx.fbcdn.net — Cisco Umbrella Rank: 38258
727 KB
6 talentsite.my.id
safelink121346993.talentsite.my.id
37 KB
4 facebook.com
web.facebook.com — Cisco Umbrella Rank: 237
www.facebook.com — Cisco Umbrella Rank: 114
37 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
16 KB
2 safefileku.com
safefileku.com — Cisco Umbrella Rank: 930533
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
29 8
Domain Requested by
11 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
6 safelink121346993.talentsite.my.id 1 redirects safelink121346993.talentsite.my.id
3 www.facebook.com 2 redirects safelink121346993.talentsite.my.id
2 scontent-arn2-1.xx.fbcdn.net www.facebook.com
2 www.gstatic.com www.google.com
2 z-m-static.xx.fbcdn.net safelink121346993.talentsite.my.id
2 safefileku.com safelink121346993.talentsite.my.id
1 www.google.com safelink121346993.talentsite.my.id
1 unpkg.com safelink121346993.talentsite.my.id
1 web.facebook.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com safelink121346993.talentsite.my.id
29 12

This site contains no links.

Subject Issuer Validity Valid
safelink121346993.talentsite.my.id
safelink121346993.talentsite.my.id		 2023-01-13 -
2024-01-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
safefileku.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-09 -
2023-02-05		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-22 -
2023-01-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-06-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Frame ID: 788058C93CDFFB2880012DE9B3FA38EB
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Frame ID: 493DB786274A552E59C57DA67E90DFF1
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=id&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Frame ID: 84EAA4656015AB5ABEA8F7C6563C20F5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VIDEO JEJE NGENTOD.mp4 - SafefilekU

Page URL History Show full URLs

  1. https://safelink121346993.talentsite.my.id/ Page URL
  2. https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6 HTTP 301
    https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/ Page URL
  3. https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

29
Requests

83 %
HTTPS

83 %
IPv6

8
Domains

12
Subdomains

11
IPs

5
Countries

831 kB
Transfer

2438 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safelink121346993.talentsite.my.id/ Page URL
  2. https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6 HTTP 301
    https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/ Page URL
  3. https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6 HTTP 301
  • https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
Request Chain 10
  • https://web.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width= HTTP 302
  • https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width&_rdc=1&_rdr HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
safelink121346993.talentsite.my.id/ 		110 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://safelink121346993.talentsite.my.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.166.216.89 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
e3ceb32feed4910047200ccd3d9bdd3950f758c58432205092c6e0ceda290f1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Jan 2023 16:28:56 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
/
safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
Redirect Chain
  • https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6
  • https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
481 B
688 B 		Document
General
Check archive.org
Download Go to
Full URL
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.166.216.89 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
fa20422dffac398e7fde6b677084859be63b7c78f99ce778ad64b398e490d21f

Request headers

Referer
https://safelink121346993.talentsite.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Jan 2023 16:28:57 GMT
Keep-Alive
timeout=5, max=98
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
266
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 13 Jan 2023 16:28:57 GMT
Keep-Alive
timeout=5, max=99
Location
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
Server
Apache
Primary Request index.php
safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/ 		35 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.166.216.89 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
8f935faec3b810de44eff90b2cef0905e33a6410ecfbfd926262160b93c4955d

Request headers

Referer
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Jan 2023 16:28:57 GMT
Keep-Alive
timeout=5, max=97
Server
Apache
Transfer-Encoding
chunked
bootstrap.min.css
safelink121346993.talentsite.my.id/download/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safelink121346993.talentsite.my.id/download/css/bootstrap.min.css
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.166.216.89 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 16:28:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
app.min.css
safelink121346993.talentsite.my.id/download/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safelink121346993.talentsite.my.id/download/css/app.min.css?v=0.2
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.166.216.89 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 16:28:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald&family=Roboto&family=Teko&display=swap
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
909073147ed2354b49552258cfec50e1a46294a766c821ed86c0d87894b83872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Jan 2023 16:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 16:28:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Jan 2023 16:28:57 GMT
logo.svg
safefileku.com/images/main/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safefileku.com/images/main/logo.svg
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.122.42 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns548190.ip-139-99-122.net
Software
nginx /
Resource Hash
5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Tue, 09 Aug 2022 14:51:33 GMT
server
nginx
etag
"62f27475-2ad6"
content-type
image/svg+xml
accept-ranges
bytes
content-length
10966
mp4
safefileku.com/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safefileku.com/icon/mp4
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.122.42 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns548190.ip-139-99-122.net
Software
nginx /
Resource Hash
00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000; includeSubDomains
server
nginx
content-type
image/svg+xml
EDFsehamV8T.png
z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/EDFsehamV8T.png
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:84:face:b00c:0:14c9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe982e7fa4b4ee454fcf99453c0315c8fbeb643179bc825b4df6927bd1a25ac4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fb-debug
qF/du/+s4taMqWFXIx93zI4FbuNV+v9rktmnZdydF7jQ2WndD9G7c55gmQYS6ZLTbE3KRkhEz0BCgrHxtCFzUQ==
date
Fri, 13 Jan 2023 16:28:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
I8vGJxtIMXgCuJvRkUipUw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1290
x-fb-rlafr
0
expires
Tue, 09 Jan 2024 06:36:07 GMT
dF5SId3UHWd.svg
z-m-static.xx.fbcdn.net/rsrc.php/y8/r/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:84:face:b00c:0:14c9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMA5zHIsmaYxSYEaw9fHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1027
x-fb-rlafr
0
x-fb-debug
Oq4iFZk/sX9SrndqAKWNS+f1WjWHNIaFU8nY2oTTOOTa1CRx297igHIIqa8+vSGA+/SvOS7tXfxRCItHziZzmQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:44:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Roboto&family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://safelink121346993.talentsite.my.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options
nosniff
age
11645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 13:14:53 GMT
feedback.php
www.facebook.com/plugins/ Frame 493D
Redirect Chain
  • https://web.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%...
  • https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%...
  • https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkom...
  • https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkom...
161 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f39d7f835db60b065ce29966b14a8a20afc0930fb25722b4f7c0643b15402907
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safelink121346993.talentsite.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Fri, 13 Jan 2023 16:28:58 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Tzuh4ZDF8tM3m0XUYwxSfJalVDUVXPzBy9zozvotucxLwRVpFgWo3DHZjSeB7B07xjT7RDygycSA4ScSWKrVUg==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 13 Jan 2023 16:28:58 GMT
location
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
origin-agent-cluster
?0
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
Ue4myuMqW0VntGstR+bB4ZTyY9ONNOls9clfZtzUN19HxAZbpbVAppdnSIrJLsu2A9sla3L4gsHSodZRcH7ddw==
icon.map.js
unpkg.com/footericon@3.7.0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/footericon@3.7.0/icon.map.js
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safelink121346993.talentsite.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
bframe
www.google.com/recaptcha/api2/ Frame 84EA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=id&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Requested by
Host: safelink121346993.talentsite.my.id
URL: https://safelink121346993.talentsite.my.id/vhsfhqpdhdsih6/download/5xogQxThsZNIDBK/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f3fd1c4517e9f4a70ad165bc211f051657cb3250ac4f48bd0846abf2daa9396
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uG_f8riWUJz7chUKbzZMHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safelink121346993.talentsite.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1119
content-security-policy
script-src 'report-sample' 'nonce-uG_f8riWUJz7chUKbzZMHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Jan 2023 16:28:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 493D 		721 B
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PXgZwd+47LIQZAIO7K6FA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
393
x-fb-rlafr
0
x-fb-debug
sLdl9Qg4PSOS47h+EJcVmvDIF7Wpp0r54BKdCQSGERun/ob7NymY35R7YPOys1E4a+c1XhCAIaGOfC9SwyXk1Q==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 Jan 2024 22:44:05 GMT
VkQF4gawP6K.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 493D 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/VkQF4gawP6K.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d49d393ab42e567df675d31964e1e4b5158cf8322a2a8011e152fd90e1f03764
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nTtbATnh75hUbtQBcBojKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19944
x-fb-rlafr
0
x-fb-debug
zUeZbskGXsQTVmuhAUUaiHxM2CTlWnThxZDztUYO7heq/w/ABFQsoAJ1SDXmEuNJwmjP0WIHN26MWwOBCeXMAw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 02 Jan 2024 20:29:58 GMT
wCGjnTvW8il.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 493D 		305 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/wCGjnTvW8il.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2912bee3d19f45b93295a93939a1bc266c0569fa8aab823378b2770571cbc5dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Jq1OrgXwjnEdahOVj92XyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82806
x-fb-rlafr
0
x-fb-debug
y9ew8Kh4QTewTsf3cbdUAJzzvxJM5qlb/yKXecqduxJiOkmsRRW4Aw6u2qaBgDVD+TEovd3vCX66T4ds7lD5Jw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:05:29 GMT
3ejOcyphUGC.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 493D 		155 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/3ejOcyphUGC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c057376d81cebce06f22160a5c661497cd03a584a5417342cb98823d28c2da42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TT8t/mOekSI+/FzUWnViyg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
43945
x-fb-rlafr
0
x-fb-debug
5aL0X0q5yh2vU5U/BuAWny+Z4GoVcxLg5ROVNe9szZ94QBgo2v6PQYqiHEqB7tLSNOu1ZOE0Rx4sm+KPu48+7w==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Jan 2024 23:45:04 GMT
oQUO2GEpoT8.js
static.xx.fbcdn.net/rsrc.php/v3iFiA4/yq/l/en_US/ Frame 493D 		1 MB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFiA4/yq/l/en_US/oQUO2GEpoT8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9678d20ed003609fb501db1ee2a843cc046e8dd8c76eb3180d7d3b49c47fb820
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
D3ytlH4XJ/o71SYesbSvTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
286567
x-fb-rlafr
0
x-fb-debug
RozO1274P3wfK9zAcRg4JyWU9tnd+ByNBr3iPQkON08RVe+dTCC+XBY5B+5H/3mn+2WnteHrBco8qbdcvVoKFg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 12 Jan 2024 18:14:50 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 493D 		507 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
l7nW6+YasRcMO0zkpImkXij4//ylWs7eqbx2vfUYG2mger6MFYbmAViRmbifg/r7Z0hoA/Yy+6lKk3Q48mnLDg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jan 2024 14:08:00 GMT
ikPhBcNObVw.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 493D 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/ikPhBcNObVw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3956efc94844868c411bf297e92ec4cd059fc6c9b6e8c0038f94295b44216142
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
st+D8r0iHB6dcJROObFQOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8509
x-fb-rlafr
0
x-fb-debug
p7V3uj9nAF0O5qePcj8wM2YwLrTC8AlCOfNfcfxtFHob8V0vLxvpLbzoI2mW6PnV1961edsAk8a1eFEEFIYC6A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 05 Jan 2024 02:24:23 GMT
AmXTSX-e48c.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 493D 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/AmXTSX-e48c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d59ee5c042752f61e5b31bafe02c46f869d6e1ba0482ae974d08b99299357196
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GCHU8Ve5unONaMXgQTJ5lA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15490
x-fb-rlafr
0
x-fb-debug
bawmOdeJYMszhbvIvoGTvQU9suNsCEDlPXAwigPFKjLE68Fl2NJOhx+806BYKAly8r97sDuhAT+KTgFLvwGG3A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jan 2024 14:39:25 GMT
BQTnnu-EZdq.js
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yl/l/en_US/ Frame 493D 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yl/l/en_US/BQTnnu-EZdq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec47b5eae8a541800f2e64181aeb81ab739a705b6a07447e5f78dc284fe0ce1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eq5z1UWwnCiSvL+LTUesJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12967
x-fb-rlafr
0
x-fb-debug
lIMpyGkzIGS4oagbxb9Sn7Ui8R+kDDLaw5/FMxi7LB6Z0Fy6xDsaeLbf2C+8rpEKBxKibD/FbciyTY5/bqKvnQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 Jan 2024 03:18:23 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 84EA 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=id&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
recaptcha__id.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 84EA 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__id.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=id&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rNjpykvZ3Mg.png
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 493D 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/rNjpykvZ3Mg.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/VkQF4gawP6K.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a9d565c4a609072e342813a66dbe7458e68d1f89b36fc7e191a862baadd602cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/VkQF4gawP6K.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:59 GMT
x-content-type-options
nosniff
content-md5
YBPeju9R7Vktk7hZ82ZeCw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
263997
x-fb-rlafr
0
x-fb-debug
0JP47ROn6IWZjHxvqrkFxt77Zguxfm+RKJMrAVErcqsyf+V+DAUcIF/zPtvm6FvINv0KiJcuD+gY1hfe30xLdg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 05 Jan 2024 06:25:37 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 493D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 16:28:59 GMT
x-content-type-options
nosniff
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1131
x-fb-rlafr
0
x-fb-debug
8j3Z7N1ToTRsOSIckd6dUXrM7j2xfj/x3WkHv61K6RajFP4i862mi407t0gKTwVABjXZ9Vw9d7oH7w2TZXB5zg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Jan 2024 02:09:29 GMT
304951228_602927844869630_865165592546141168_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 493D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/304951228_602927844869630_865165592546141168_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=2f2d3Q9nIeIAX-DJUSO&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfCXhuq3qwfBFuSZJgdC58eFW8E37_oWDEgkMZIPjX1f-g&oe=63C59CE6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66c7a9d2343e7d4f19c6c1b455106295b84cd542b2f46bc204f9458cdf9d72bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-haystack-needlechecksum
1440215968
date
Fri, 13 Jan 2023 16:28:59 GMT
x-fb-trip-id
2074150462
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 15 Sep 2022 08:49:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2793321383
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1111325486
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1408
304793053_825961628587964_7131619409690920594_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 493D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/304793053_825961628587964_7131619409690920594_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=dsflxV9bV_cAX-WSmtp&_nc_oc=AQmGwO6RlomSncjMFyETvf9gaJpWnSpeT_lV17NIF9IGUagZ27dtgB7QNCCZAXzrjDLRYKtqTooihHwTc_DqEZoJ&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfC-nSyEAVWvnZd5lMTwrD9mLbi5Uhf4yyjr9buD3m63bw&oe=63C5AD4C
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a5bba8f9584f8%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff15c862ea431224%26relation%3Dparent.parent&container_width=368&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2F5xogQxThsZNIDBK&locale=en_US&mobile=true&numposts=5&sdk=joey&version=v10.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f170eed6538beff4030d504f49ec6d058be2244e9086c217521b07e3c58fe392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-haystack-needlechecksum
3893381277
date
Fri, 13 Jan 2023 16:28:59 GMT
x-fb-trip-id
2074150462
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 05 Sep 2022 05:40:25 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1481463936
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
766909677
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1703

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| adsbygoogle function| footericon function| checkReveal function| changeTEXT function| gtag object| dataLayer

0 Cookies

8 Console Messages

Source Level URL
Text
network error URL: https://safelink121346993.talentsite.my.id/download/css/bootstrap.min.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://safelink121346993.talentsite.my.id/download/css/app.min.css?v=0.2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://unpkg.com/footericon@3.7.0/icon.map.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/3ejOcyphUGC.js?_nc_x=Ij3Wp8lg5Kz(Line 105)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mkomsel.com') does not match the recipient window's origin ('https://safelink121346993.talentsite.my.id').
network error URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__id.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/3ejOcyphUGC.js?_nc_x=Ij3Wp8lg5Kz(Line 105)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mkomsel.com') does not match the recipient window's origin ('https://safelink121346993.talentsite.my.id').
security error URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/3ejOcyphUGC.js?_nc_x=Ij3Wp8lg5Kz(Line 105)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mkomsel.com') does not match the recipient window's origin ('https://safelink121346993.talentsite.my.id').
network error URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
safefileku.com
safelink121346993.talentsite.my.id
scontent-arn2-1.xx.fbcdn.net
static.xx.fbcdn.net
unpkg.com
web.facebook.com
www.facebook.com
www.google.com
www.gstatic.com
z-m-static.xx.fbcdn.net
139.99.122.42
188.166.216.89
2606:4700::6810:7baf
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
2a00:1450:400d:802::2003
2a00:1450:400d:806::2004
2a03:2880:f00a:e:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f12d:84:face:b00c:0:14c9
00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4
2912bee3d19f45b93295a93939a1bc266c0569fa8aab823378b2770571cbc5dd
3956efc94844868c411bf297e92ec4cd059fc6c9b6e8c0038f94295b44216142
5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327
66c7a9d2343e7d4f19c6c1b455106295b84cd542b2f46bc204f9458cdf9d72bc
8f3fd1c4517e9f4a70ad165bc211f051657cb3250ac4f48bd0846abf2daa9396
8f935faec3b810de44eff90b2cef0905e33a6410ecfbfd926262160b93c4955d
909073147ed2354b49552258cfec50e1a46294a766c821ed86c0d87894b83872
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9678d20ed003609fb501db1ee2a843cc046e8dd8c76eb3180d7d3b49c47fb820
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a9d565c4a609072e342813a66dbe7458e68d1f89b36fc7e191a862baadd602cb
c057376d81cebce06f22160a5c661497cd03a584a5417342cb98823d28c2da42
d49d393ab42e567df675d31964e1e4b5158cf8322a2a8011e152fd90e1f03764
d59ee5c042752f61e5b31bafe02c46f869d6e1ba0482ae974d08b99299357196
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
e3ceb32feed4910047200ccd3d9bdd3950f758c58432205092c6e0ceda290f1e
ec47b5eae8a541800f2e64181aeb81ab739a705b6a07447e5f78dc284fe0ce1f
f170eed6538beff4030d504f49ec6d058be2244e9086c217521b07e3c58fe392
f39d7f835db60b065ce29966b14a8a20afc0930fb25722b4f7c0643b15402907
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa20422dffac398e7fde6b677084859be63b7c78f99ce778ad64b398e490d21f
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
fe982e7fa4b4ee454fcf99453c0315c8fbeb643179bc825b4df6927bd1a25ac4