mkomsel.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/www_mediafire_comhsvHgFilexvid
Effective URL:
https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Submission: On May 06 via manual (May 6th 2022, 2:45:22 pm UTC) from ID — Scanned from DE

Summary HTTP 58 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 58 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is mkomsel.com. The Cisco Umbrella rank of the primary domain is 379734.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 3rd 2022. Valid for: a year.

This is the only time mkomsel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.212.202.252 13.212.202.252	16509 (AMAZON-02) (AMAZON-02)
7	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
58	19

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.212.202.252 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com

safefileku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

mkomsel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 511 scontent-frt3-1.xx.fbcdn.net — Cisco Umbrella Rank: 9175 scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 9292 scontent-frx5-2.xx.fbcdn.net — Cisco Umbrella Rank: 11220	764 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	201 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	497 KB
7	mkomsel.com mkomsel.com — Cisco Umbrella Rank: 379734	91 KB
6	google.com www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	26 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	12 KB
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 100	34 KB
3	safefileku.com 1 redirects safefileku.com — Cisco Umbrella Rank: 831731	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	85 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5351	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	645 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	344 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	68 KB
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 40295	494 B
58	14

	Domain	Requested by
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	mkomsel.com	mkomsel.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	pagead2.googlesyndication.com	mkomsel.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	www.google.com	mkomsel.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	www.facebook.com	2 redirects mkomsel.com connect.facebook.net
3	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	safefileku.com	1 redirects mkomsel.com
2	connect.facebook.net	mkomsel.com connect.facebook.net
1	scontent-frx5-2.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	fonts.gstatic.com	www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mkomsel.com
1	is.gd	1 redirects
58	20

This site contains links to these domains. Also see Links.

Domain
safefileku.com
www.facebook.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-03` - `2023-03-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
safefileku.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-05` - `2023-02-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-12` - `2022-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Frame ID: 03CC5EE334282CBF6153F9AA4E3195E1
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 4EB9A6386899387D5108B870ECBD4F71
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=6b2ba95eihsh
Frame ID: E509A87D93D3B07144DAE9D13B55C677
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1651848317&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317258&bpp=2&bdt=173&idt=132&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2426134923387&frm=20&pv=2&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148
Frame ID: D12970ED2AAEC6BF135EEDE5F1957060
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=3227553192&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1651848317&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317260&bpp=2&bdt=176&idt=150&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h44M65mAGx&p=https%3A//mkomsel.com&dtd=155
Frame ID: 66FE958BF8D9004D7327074EFE8F2A8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1651848317&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317262&bpp=2&bdt=177&idt=163&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SV2OEOavcl&p=https%3A//mkomsel.com&dtd=166
Frame ID: EB38AC9E81575DD650DD077064941F5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=1839787983&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1651848317&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317264&bpp=1&bdt=179&idt=172&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ZxIpbIdXUL&p=https%3A//mkomsel.com&dtd=175
Frame ID: C3B78FD33F274D64EFB998EBEA1F6A61
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT
Frame ID: 5CEEC15BB60B6C05EAA0F313DB2E2F38
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Frame ID: 846E18E8C0118ED0AAACD1E5B33ADC91
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE3A420C514FAA3020157A4096242FD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14F0BD7C42F839312671729F129AE2BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VID-20220409-WA0017.mp4 - SafefilekU

Page URL History Show full URLs

https://is.gd/www_mediafire_comhsvHgFilexvid HTTP 301
https://safefileku.com/download/ETAZ2x8f7HWZvUQ HTTP 302
https://mkomsel.com/download/ETAZ2x8f7HWZvUQ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

58
Requests

100 %
HTTPS

89 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

1791 kB
Transfer

5217 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://safefileku.com/

Search URL Search Domain Scan URL

URL: https://safefileku.com/register
Title: Join us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ
Title: Tweet

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&description=Download+VID-20220409-WA0017.mp4
Title: Pin

Search URL Search Domain Scan URL

URL: https://safefileku.com/report?fid=ETAZ2x8f7HWZvUQ
Title: Report file

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://safefileku.com/page/dmca
Title: DMCA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/www_mediafire_comhsvHgFilexvid HTTP 301
https://safefileku.com/download/ETAZ2x8f7HWZvUQ HTTP 302
https://mkomsel.com/download/ETAZ2x8f7HWZvUQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ETAZ2x8f7HWZvUQ Show response
mkomsel.com/download/
Redirect Chain

https://is.gd/www_mediafire_comhsvHgFilexvid
https://safefileku.com/download/ETAZ2x8f7HWZvUQ
https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

13 KB
6 KB

739ms
661ms

Document
text/html

2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.18 PleskLin
Resource Hash: ce50118412318b910daf2c755e380fff3897e8bf4861d30cfc024ceaae82514f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: DYNAMIC
cf-ray: 70727fa9a8c50ffa-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 06 May 2022 14:45:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUXB7fEyx3yBOlJJRXiD0GSYwxDYfQrhU7NGTnO0cyhGm05qYvCLyIR575HaSGpRL%2BIOrqXswVba7TBj1F7D4j6Gsb6HIkKl2ynQvwMNr3QYr4sxy2HExW%2Bi92hy0vKcErdVy%2FwttJWEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.18 PleskLin

Redirect headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 May 2022 14:45:16 GMT
Keep-Alive: timeout=5, max=100
Location: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.27

GET
H2 200 bootstrap.min.css
mkomsel.com/download/assets/libs/bootstrap/css/ 158 KB
25 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/bootstrap/css/bootstrap.min.css
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2525
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
etag: W/"61e3a0fb-27681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiuLIbeWr6OBcgbg5tGYo2dbdSOp1Q%2F%2B4oUoacXq0t%2B23HULosmlRsgp9fnEXPMQoXmWM11CDbjbQYyNzRw5HIf94DxPN%2F2Td6mE4cBvC7zX79SkEk2DFY8a1aOL4biNJQU0wazW3yhQMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 70727fae29bf0ffa-MRS

GET
H2 200 app.min.css
mkomsel.com/download/assets/css/ 10 KB
3 KB 31ms
31ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/css/app.min.css?v=0.2
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2525
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
etag: W/"61e3a0fb-290a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=batFj31oTlNf6papKKWE10adoTHNwYLRORcwyT8EHPD8A1myxcVjker3saFYlz6OeF8KcQRIVATgOoQee4K%2FF8JNMoDKidh73fmsrxTl0YK2Y05RyQHq%2B1OCgApMStI0iIQqR2mszlZ1BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 70727fae29c10ffa-MRS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
55 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ecba0a1120768eaa3832f603d58d6e89a0b8abe4f3991857365116c55f416c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55910
x-xss-protection: 0
server: cafe
etag: 4269611623063325591
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H3 200 invisible.js Show response
mkomsel.com/cdn-cgi/challenge-platform/h/g/scripts/ 41 KB
15 KB 56ms
56ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651845600
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54f548de0285d0884b36ee7a797a9af64dd5e135920f659ceae78827541faaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqMqgjtBfi8f9VqLvlSWkYMi1fGjR%2FRxKr9kJqGeT3G4FyO4wfQEmHRQxNERvLt%2BCVrt8W8bcINOmA%2Fp59AkkjlQjbg9I9e1t%2FRI28u57eiszCATbxrUt5RCffNwBOHJryPQUdmCQQhWRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 70727fae6fca733e-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK logo.svg
safefileku.com/images/main/ 11 KB
11 KB 161ms
161ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/images/main/logo.svg
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 14:45:17 GMT
Last-Modified: Sun, 16 Jan 2022 06:20:06 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
ETag: "2ad6-5d5ad06fcb362"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10966

GET
H/1.1 200
OK mp4
safefileku.com/icon/ 1 KB
2 KB 172ms
171ms Image
image/svg+xml 13.212.202.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safefileku.com/icon/mp4
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.212.202.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-212-202-252.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Unix) OpenSSL/1.1.1d / PHP/7.4.27
Resource Hash: 00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 14:45:17 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.27
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d41d60b69ef560cf53d4c4747d642d4d2360da6578fd883c7aa044b4e4eb7b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xm3vcJ2ueP9OqzlE6NyFZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: fqgD+Ee7BzymC5AHmMoWSGt5gw/ZshqbwKm+PzYHHvW4a5FLcZYD8/4lMnmuzkPOMCyLlwHVfSwGvFQV4oH8mA==
x-fb-trip-id: 686109401
x-fb-content-md5: 6a8b926e4cfbd8fabf6f0ccbcd00e168
x-frame-options: DENY
date: Fri, 06 May 2022 14:45:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f56d7853c53c70a8582bbc3566fe665c"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 May 2022 14:50:00 GMT

GET
H3 200 jquery.min.js Show response
mkomsel.com/download/assets/libs/jquery/dist/ 87 KB
32 KB 38ms
38ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/download/assets/libs/jquery/dist/jquery.min.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2168
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 04:37:15 GMT
server: cloudflare
etag: W/"61e3a0fb-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA0u9zy9d6iOCBvTcFVufEnpyFIhajGu5S1L4XC%2FNmBET%2BsfElBS9dwpKhFiefA%2F43nmnPz0l7nOVHq9kt2udJ6mpqKO9lxXh1gzLW%2BneN5roH0fmYaT7pxBit%2BeCYg8husqYIXeOScH4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 70727fae5fb1733e-MRS

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 37ms
15ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07b74f93591a6a796d65cabcee824359b8f18572103a6ed02c804edbd8435d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69316
x-xss-protection: 0
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
83 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0821abf1d5b084cfba061e7d2389bfa0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d1a5f0e5eca890f219d887b0e980f79d19ba2e8640b6df35a5ba9ea8925e73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8skh//yNbT1bXZDiIrS/bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84639
x-fb-rlafr: 0
x-fb-debug: n+1YKzbSvxmdLKGuaF6WR0OucSd4tDkOIG+ausjYsCVUBf0Y9mgxUmDHF658gg3Qa694kkWoU6j3fGS2A0Y5YA==
x-fb-content-md5: 4a2cadba7c73cfb086cdffb5febfaf0d
x-frame-options: DENY
date: Fri, 06 May 2022 14:45:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8d6849867776147be0b1742ec3d674cd"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 May 2023 14:18:16 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 364 KB
144 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Origin: https://mkomsel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:11:36 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204280101/ 308 KB
110 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dd99285cda241649432f3200cd124dca9f18e7f2ca9990a86697941b38102da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112510
x-xss-protection: 0
server: cafe
etag: 9977075685718418144
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 4EB9 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 15:00:38 GMT
etag: 1428802124239944296
expires: Thu, 19 May 2022 15:00:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 37ms
14ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J72KJ758XE&gtm=2oe540&_p=961567267&_z=ccd.tbB&cid=59187274.1651848317&ul=en-us&sr=1600x1200&_s=1&sid=1651848317&sct=1&seg=0&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&dt=VID-20220409-WA0017.mp4%20-%20SafefilekU&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J72KJ758XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 14:45:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mkomsel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1026262167543273&ev=fb_page_view&dl=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&rl=&if=false&ts=1651848317322&sw=1600&sh=1200&at=

Requested by

Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E509 43 KB
22 KB 42ms
26ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=6b2ba95eihsh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c6e92c72ec73f6856a2fdafcc4a4e384907ad4ed03d4550713cf311e6155b75

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yq1NPguNsozTK7xwdYbAXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22766
content-security-policy: script-src 'report-sample' 'nonce-Yq1NPguNsozTK7xwdYbAXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pica.js
mkomsel.com/cdn-cgi/challenge-platform/h/g/scripts/ 28 KB
10 KB 44ms
44ms Other
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d5057c8e5f0dedc452c01f0f94e4461e869a8d9e23f434c9395368f3c40ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja0Nmi91EByOK9wtmLbhC726z%2BClMGS7a5I1iq02uHFOK88mpoujs5C6%2B3hlvU0B5axF0PcoxeNVvEhbKIa1CYxJ2Xg9LBTjPi6FqQzMCpZ421ApRGjV%2FtgN5dnCvmc2IM8L1GOJx%2BnRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 70727fafbb16733e-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 65ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mkomsel.com&callback=_gfp_s_&client=ca-pub-5933362346886566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5933362346886566&plah=mkomsel.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

48510c2601ba479f354bd399317442d41e8c745de57b9e8bc44c9730e231e799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkomsel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D129 31 KB
6 KB 190ms
176ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&adk=1812271804&adf=3025194257&lmt=1651848317&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317258&bpp=2&bdt=173&idt=132&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2426134923387&frm=20&pv=2&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d30eabd06744e3026e3a27469d42f6882ffc99f58e1119c7bb9cc19d192e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 6253
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Fri, 06 May 2022 14:45:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 66FE 430 B
230 B 243ms
236ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=135&slotname=4776431068&adk=1847874569&adf=3227553192&pi=t.ma~as.4776431068&w=539&fwrn=4&lmt=1651848317&rafmt=11&psa=0&format=539x135&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317260&bpp=2&bdt=176&idt=150&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h44M65mAGx&p=https%3A//mkomsel.com&dtd=155

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f51c359c70477db482257d9a1ee19286d5aff56a47391d3af3a03963740c321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Fri, 06 May 2022 14:45:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB38 430 B
229 B 289ms
288ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=3675393043&adf=1438075936&pi=t.ma~as.2076775831&w=539&fwrn=4&fwrnh=100&lmt=1651848317&rafmt=1&psa=0&format=539x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317262&bpp=2&bdt=177&idt=163&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=531&ady=629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SV2OEOavcl&p=https%3A//mkomsel.com&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c16dac787db1f870cd7d6d3f1a2149eda730acd69501b6af64804eee07fbb793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Fri, 06 May 2022 14:45:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame E509 51 KB
24 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=6b2ba95eihsh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:10:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame E509 364 KB
144 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:11:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3B7 430 B
229 B 220ms
219ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5933362346886566&output=html&h=280&slotname=2076775831&adk=1855931090&adf=1839787983&pi=t.ma~as.2076775831&w=1200&fwrn=4&fwrnh=100&lmt=1651848317&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651848317264&bpp=1&bdt=179&idt=172&shv=r20220504&mjsv=m202204280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C539x135%2C539x280&nras=1&correlator=2426134923387&frm=20&pv=1&ga_vid=59187274.1651848317&ga_sid=1651848317&ga_hid=961567267&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44719338%2C44760475%2C31065544%2C31064019&oid=2&pvsid=185182322039607&pem=907&tmod=737289618&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ZxIpbIdXUL&p=https%3A//mkomsel.com&dtd=175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd734c5ec0ce8e7a5542e5a38f0c9c1b9af3818024f9f204567ab366ab19292f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Fri, 06 May 2022 14:45:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E509 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E509 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E509 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 68708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 12 May 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E509 15 KB
16 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 250716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E509 102 B
134 B 15ms
14ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT&co=aHR0cHM6Ly9ta29tc2VsLmNvbTo0NDM.&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=normal&cb=6b2ba95eihsh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5CEE 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be57d39bf89187f9e47a0c38b6f035a307d039c31a96a102ca6234d27155876f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oyjqi9+F3Dc15QQdq1F+Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1111
content-security-policy: script-src 'report-sample' 'nonce-oyjqi9+F3Dc15QQdq1F+Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 70727fa9a8c50ffa Show response
mkomsel.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
719 B 52ms
52ms XHR
text/plain 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/g/cv/result/70727fa9a8c50ffa
Requested by: Host: mkomsel.com
URL: https://mkomsel.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651845600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mkomsel.com/download/ETAZ2x8f7HWZvUQ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q1aM8eUJb%2FcPpMShAHDlJI%2FpxKdORgU32F5n8XJVTunqzT5Cqc1f3H0KjAnPgEDc74z3J4hko8pbeoPB3RxEvp7vFoxsDunVR5NJ3oytRhAoJEretXry5zoDsLkOhiLPxI4yjnlnSuo6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 70727fb27a3f733e-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 5CEE 51 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:10:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 5CEE 364 KB
144 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&k=6Lf64oMaAAAAAGFnwjAYBTBXFsEcRqVsm-dccOzT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:11:36 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 846E
Redirect Chain

https://www.facebook.com/v10.0/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%...
https://www.facebook.com/plugins/comments.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkom...
https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkom...

145 KB
33 KB

339ms
339ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0821abf1d5b084cfba061e7d2389bfa0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf2162a0e41b44921f6f5436b733ca72d433d5cbc7259a69163de52e71b66460

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Fri, 06 May 2022 14:45:18 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: m+nXcnBwF/V4qG5mHLlAnO5FKyCcSXYoBR28VRt2evPwrLTOEIZy7MnzmDoYeEVci0eDLqT+rYdb1XJlfDh2sg==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Fri, 06 May 2022 14:45:18 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: w1MbmxwtIjE5IZySJWHmM7Evsy6Wli02pSSiYz3KXbIUHV7ZiNWmXUl+KKOGxH/g2KWFaZ0YYoTA9EVkLBy+rQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 42ms
28ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f60faf88bd9cd7d81daac015c93c8d5ffa539de986067567d4240502139ac26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10659
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 May 2022 14:45:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE3A 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 13:30:59 GMT
expires: Sat, 06 May 2023 13:30:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14F0 783 B
536 B 15ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fa41ba9b4b153c2ba9acf92413543d00d390148463637a5fc7687fb76a19c01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DGXMRKm1BIcpqL5k1uYEYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mkomsel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-DGXMRKm1BIcpqL5k1uYEYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:45:18 GMT
expires: Fri, 06 May 2022 14:45:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14F0 0
0 71ms
71ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=185182322039607&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame BE3A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 15:39:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE3A 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nQ8BZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 846E 721 B
583 B 10ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: Iw84O/J/yzi5rdD66nF0u2J9uLg9Rk7BmOLiQEppcGPr21DV3YdrNgR4m7sraxeWWvTQgU3s89NklRQS81UiVA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 May 2023 00:11:23 GMT

GET
H2 200 0ZOgg9U9jI1.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ Frame 846E 124 KB
20 KB 9ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/0ZOgg9U9jI1.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5444a7ec66deeea599de9c7805ded6f04ae20a5d1e4fe3988a8cbdde04ba2118

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: X9gjmzMotSX+Uf+cU0ocyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20381
x-fb-rlafr: 0
x-fb-debug: XhTqu6TkYacQ6yXkyJpSgK/lm3nB9ZZ+RjTPqJPPvY0s6PJKIsmnkEkOboeSd54hvLh5D5K7vk7duPU3haOSaw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 18:02:15 GMT

GET
H2 200 2M1vNSE0Ome.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 846E 309 KB
83 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/2M1vNSE0Ome.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75f23e1c66295abc4e6c5db6b47d7332ca1b877272eacfaa15f7c016e1824d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lVZW6bzfFKJ2w+t1nMHYWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84935
x-fb-rlafr: 0
x-fb-debug: fSeQ11MLaf2h9ogyAZsnH1s+KPve4Z0rUUN2Vf6Ad2nU5XgBHuOWvjNot7mfjY28eT7N2OYuZbHli1RWfSSusQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 May 2023 23:00:47 GMT

GET
H2 200 WvGLjZX_o1j.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yL/l/en_US/ Frame 846E 156 KB
44 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yL/l/en_US/WvGLjZX_o1j.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

587c7ecf6b628b8f4ab7a3cffd3e92778e2f975cfeffcaa4f31ef53e0730f47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0ZYtsvHMBEFgNtW4t0poDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44443
x-fb-rlafr: 0
x-fb-debug: bT7w4bhf9I+KesHyGVr6R0q/hb8/j42XhCs9bn0V6j56T2L4mTwdgyU13TZYeUrizri9uQoSYxO9vV6ViJXKYg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 05 May 2023 03:40:01 GMT

GET
H2 200 hhsSCWfk5Py.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqDT4/yl/l/en_US/ Frame 846E 1 MB
334 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqDT4/yl/l/en_US/hhsSCWfk5Py.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bfa0a0cab3fb4460557191a3f0730141c0a9b55720488036e030f061a404eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5Q6VgQ+7Xo3g/VKiSDe1XQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 341499
x-fb-rlafr: 0
x-fb-debug: bX3VviueXpdzS6WDHJqL8nZRXT/ZZDuyHY8BogUDM3yNqqO+lPkhDY5uCAXneX6whh58bocy2aJY4GRPwboKgA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 05 May 2023 08:38:56 GMT

GET
H2 200 kSZXc6JbvHD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 846E 33 KB
10 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/kSZXc6JbvHD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c3c01509188d0d1c0e8b4e2cd8a065135b7417d42ccb975927d9178635ca17c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eSdOnoTCj2y2suCDAVGaWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10258
x-fb-rlafr: 0
x-fb-debug: oMATx4eU0PSF5fobrwKmBuKX1kBxy36jRly+YGLdlwLIXjk6wj2bWzErZKQD9whLi95nzDMyStP5DjDOLz18/A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 May 2023 01:39:39 GMT

GET
H2 200 yt-0NzPw2hP.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yi/l/en_US/ Frame 846E 42 KB
12 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yi/l/en_US/yt-0NzPw2hP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1207bbec831195624c9933523737f6dcf41c048cc7e594732d53449d47c54e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: P6IFKsRYSShl9P9UpjwOxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12421
x-fb-rlafr: 0
x-fb-debug: bBXhYxgEtgdOE2p3jO7kVT0q+MjZE5gROygYmQYDdTjq/HqTbFgkzNrQtvIkbcr2I7Nbw/EBm2INm+Tz2K3a6w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 02:56:00 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 846E 251 KB
251 KB 17ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/0ZOgg9U9jI1.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/0ZOgg9U9jI1.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: 1XhUET8jA18HKO9jM+SgpfFaRNpdmcu8wWDMOQxt8gp3Ro3DoXf2214lQ6o8fTpsADMHCt30bEb+bN0NWkKxMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 01:20:49 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 846E 1 KB
1 KB 11ms
10ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:45:18 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: U+hhqVkokvOjTTjAOEmdP/MF2yxqSyDB9+dYVzmga5zVHvr9aYpBS5KJv3zksuhJXLjK5t/6AF1bnK2IcI4/qg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 May 2023 23:10:30 GMT

GET
H2 200 278379018_158272769995603_4812493483134500514_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 846E 2 KB
2 KB 24ms
8ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-1/278379018_158272769995603_4812493483134500514_n.jpg?stp=c27.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-6&_nc_sid=dbb9e7&_nc_ohc=-Pl4NTT_KmoAX_9f3NK&_nc_ht=scontent-frt3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_vL5fSdYm0443kZwKRPwByW-C4YIkQ3WMjSdbX-Zzk3A&oe=627AE616
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 193acdf05c21c4d3ed0104ab6e91c922a14e905feaeb12279f4eca54b01b9fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-haystack-needlechecksum: 1203676417
date: Fri, 06 May 2022 14:45:18 GMT
x-fb-trip-id: 686109401
last-modified: Tue, 12 Apr 2022 20:41:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3912542711
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1721488345
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1902

GET
H2 200 277148128_134510432446752_5238335901241243994_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/ Frame 846E 1 KB
2 KB 23ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/277148128_134510432446752_5238335901241243994_n.jpg?stp=c0.2.48.48a_cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-6&_nc_sid=dbb9e7&_nc_ohc=7sC2vH0tGyEAX-PrGzR&_nc_oc=AQlOJbk9LDDMSBqGCFne94x-KGwiFOjoq3NpnlbyyaZcjFn7arKLPCuAPa85L_FfyqCja95t0YZTDV_I1g9hRmap&_nc_ht=scontent-frx5-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_Q3bAPbufaapoDsmovCepsweD7LER_by2W-kFqfy8O1A&oe=627A43F2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3bfd9825c76a167cc0a0c41d756418de51ec1799b6c2099f56185033d77652c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-haystack-needlechecksum: 1181910189
date: Fri, 06 May 2022 14:45:18 GMT
x-fb-trip-id: 917726464
last-modified: Sun, 20 Mar 2022 14:11:14 GMT
x-content-cdn-origin-ts: 1651647138767
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4209879853
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1091945018
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1364

GET
H2 200 279067773_107897001908556_1648681276236436965_n.jpg
scontent-frx5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 846E 1 KB
2 KB 28ms
6ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-2.xx.fbcdn.net/v/t39.30808-1/279067773_107897001908556_1648681276236436965_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-6&_nc_sid=dbb9e7&_nc_ohc=2to9Ni6fA5QAX_t3js-&_nc_ht=scontent-frx5-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT_KKNV_qFG7pXEDcH95yyvhSiV3mB5YixrmBzPOmhYEAQ&oe=627A50FE
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7d1c7f8f93a5d38b6bcc8b2d93f7f18f62ef2180ff35d11103f318cfe2c7a7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-haystack-needlechecksum: 3486399159
date: Fri, 06 May 2022 14:45:18 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 26 Apr 2022 15:36:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3777140851
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1267556898
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1345

GET
H2 200 84688533_170842440872810_7559275468982059008_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/ Frame 846E 955 B
1 KB 23ms
8ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/84688533_170842440872810_7559275468982059008_n.jpg?stp=c14.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=1&ccb=1-6&_nc_sid=dbb9e7&_nc_ohc=09U76oQMpfMAX9c4945&_nc_ht=scontent-frx5-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9V_rziP58WSzvzEaUO9NRjePekXuVBVXhY-tYJfc_W-A&oe=629960C1
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 316d7d1c93a25aa64054c5e7aba20e7d0e8be8267b80d651b62df74f11177718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-haystack-needlechecksum: 2746681416
date: Fri, 06 May 2022 14:45:18 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1579869232
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2495507561
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 955

GET
H2 200 84241059_189132118950875_4138507100605120512_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/ Frame 846E 943 B
1 KB 23ms
8ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/84241059_189132118950875_4138507100605120512_n.jpg?stp=c14.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=1&ccb=1-6&_nc_sid=dbb9e7&_nc_ohc=08lej0vYVjwAX8TsKJO&_nc_ht=scontent-frx5-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9Aykr1n-3cAUTqAgqnGi7osAGD7LsNDPNhpZXGfFmyCA&oe=629B3811
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1026262167543273&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35ce2b99d827ec%26domain%3Dmkomsel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmkomsel.com%252Ff1083d9d88f91b%26relation%3Dparent.parent&container_width=539&height=100&href=https%3A%2F%2Fmkomsel.com%2Fdownload%2FETAZ2x8f7HWZvUQ&locale=en_US&numposts=5&sdk=joey&version=v10.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-haystack-needlechecksum: 2005931516
date: Fri, 06 May 2022 14:45:18 GMT
x-fb-trip-id: 917726464
last-modified: Thu, 30 Jan 2020 18:41:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3648183006
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3771084146
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 943

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
105ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=185182322039607&bg=!WlmlWR3NAAZX5TVhd-U7ACkAdvg8WuSrC-5UjLdnUTnhmAmYUEDWVSZ3IkTrT3VILpikKYZphBEPgwIAAABHUgAAAANoAQeZAptXmPuq6-CnbVQl-cQ14FtvHjmlCA4JsPhayQaewX7G5-GhV_GbULsDDA9wwgBYmePN5r87Z3KA-lfNWJ2757OjuMO0VkN0rVGK64rNiAcvRTRw56Xyf-Awy3HI6HvF-53X97FJLvHI9vyH1fZSb21fflE_fSMmuMBml9Nbq8akLL-qI7HMkP32vc0haDjrmveng47cAJxhZmXIDXzdUa8BaqdXQ_GaLCDc_E_Cs8Qfj6Uag88I6gRpPjeX0lmlMBZVvENf8A6mYSwbpj13eT674taBS9NEOH_ATKz1ZvyK7L6SVF5nFgKnwZgWG8CRwzs5pFxA3HI4cYU0jRp2rsqg6qs2AKP7Qv-oVTvzlBJ5SPf7ImTZ6go8JruNOB7hEfcl4R5PI9T2e6vjqI22uKkIWk2vahoGPzLfYlbWjB4S7N0TTtE50aKX0xXtDp2OJGOJaOs7Ds55h_bFdTsoE-uqWIcPjsc5D9Ao5iKhqK_fhHiwt6uBv8wDRYWRABr6fg62SGLYhe2KywZGZc79dQ1Nuq993f-_qkfrZuI1OogMkHi0G8_6GEmaqLsX5ckPWS5_QpG2sfogCx7REKCnnH4Xq8QdKX5xgpQrHlZN9oJdf51jQrMBVBR_LIojb5g968XowgHts9UzVSokIiyFJEcTM0vuYwyGMBQG6fGuG3V0QxAC0GaX2Zube6YTD2XkZ6lzqcyfNgAHJaO1sKmlmDoRXoMi-8fROOr0B_OpeH6w8nvf0Pw3tBbuW9XQ6d0axRDGbYPntcgxqjWoKEKb-ktoPYIApYWbM9cAD6MQyn4Tx6gU7lpxOHijqg1YK2htXKmXKjUupVxI1w5i053x8FQeT6VzUkQ2-7XaboswXOraDwGUL1D5NXQ4AnwW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkomsel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safefileku.com/	1970-01-20 02:50:55	Name: XSRF-TOKEN Value: eyJpdiI6ImM2SUFrVVVxK3k4Qk1FcVpxVWJST2c9PSIsInZhbHVlIjoiMUNjdGg2RDNNK0YwOFMvNlo1aHNkYzB3b0VGSFVGYjVFYVI5dzMrTXJKNGliMURqK2xvVXc0VGQzQ0YweWNqcWdpNUdhMEdMcjdTeEJVVnNsUGdnYUVTc0pSNFNVL0NDNTZxam4zRXprZy9BaW1id3FQQzhlTTI3a010dlBmRGciLCJtYWMiOiJkODBmMTZhZWJhZjNkY2I2YTJmMDZjOGVlZTVhYjFjYWZjZDkxNjlmNDA5OWJmZGVmYWViZGVlODQ0NzlkOTM5IiwidGFnIjoiIn0%3D
safefileku.com/	1970-01-20 02:50:55	Name: safefileku_session Value: eyJpdiI6InJRK1AvV0ZENFU3STYzZlRSK0NHc3c9PSIsInZhbHVlIjoiZUZHWnZsVS9ocHl6dVNBbHNkZXFFR1h4Ykg5Z3BPLzRRSklRQ0V2UGxBeXVxalJFQzBubkN2S0xrNHk2REZ0TmZFMC9JdDh4dW8wUUx3eTF6VC9naldoOVRKUkxBL3JpTzdsNXIxZk1GQlBOKzBSQnBlRmdpWCs0UlR5a2hHK1UiLCJtYWMiOiIwZTM5NGUzNzZjNjllYzgyMGNmOWZkMGY4MzA3ZmIzNjgyOTRhMWJlOGQ5OTU2MjhkMTZiZmI0ZjQxNGIxZmI4IiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 02:52:14	Name: visitor Value: eyJpdiI6IkR0eWpKNGE0anQyNnFLcWw0anMxbXc9PSIsInZhbHVlIjoidFRieGRJTmNHYlBkaWQxK29zbVlzTG9LQy9rRmo5aVRqdmxkWGEyblFMdEx5OGdkZlJjaE5zNE5vTkxwMW82Uk9HcXdHaVN3OFQrRmorRUg4Sm5BNmc9PSIsIm1hYyI6IjNkODJmMTQ3NzQ2OTI2Y2Y0MWE5M2RmNmVhMjVjMmY3YTdmNjJmNjM1ZjU3NTJhY2MwYWI3NjcxZDM1NTRkYjYiLCJ0YWciOiIifQ%3D%3D
mkomsel.com/	1970-01-20 02:50:55	Name: XSRF-TOKEN Value: eyJpdiI6IjZhYW9uZU5relJVWTY4enhWSm5tNmc9PSIsInZhbHVlIjoicXhRdUhKMzY4RFkydUxFaEUzWmtoTWlnOVpBNHJKRVlEdGUyWGhtUVB6MFBpaDdhRnJtVVBzeGI3a2ZHWmlDTW5lSzZFNVVHZTVNZWVXd2xqUHVmOWwvdmhOdjZuN2UvRS9hV0hqQWVkcG1oZVhNY1MvbUR1eWxhZHlVQ1hXam0iLCJtYWMiOiI3ZWQyNmU3MjIyNzQwOTg2ZWIyZGRlM2FiZjk3YWI2ZDBiMjlkOTM4Mzc2MTAxOGUyYzQzNWNjNmRkMzdhOTg5IiwidGFnIjoiIn0%3D
mkomsel.com/	1970-01-20 02:50:55	Name: safefileku_session Value: eyJpdiI6ImM2b2tCMWpnK3dIZFFNS2llRHZkL2c9PSIsInZhbHVlIjoiWHA0MStoQjZGL2JENkFSMlJZSjV6VStmVGNqZWhuTFVoOUNHQnZiSElXc0dwNnkzcE9VMURET0pVY1h3Y3BSM2RidnBBODVJdkUyeW43S3kvd3JxM1Y0dFgvdEI0ZWFmVU02cDZ1am1yUG9QZjVRUUxiZlJ0Nk9kd05sdVltZmQiLCJtYWMiOiJmODY1NDJjZTg1MTZhODYxMTA2MWM0YmY2ODAzNzI5MDE4MDYzOThjMTQ5MTAwNmIzNjlkOWQyZmRlN2RlZWQyIiwidGFnIjoiIn0%3D
.mkomsel.com/	1970-01-20 20:22:00	Name: _ga_J72KJ758XE Value: GS1.1.1651848317.1.0.1651848317.0
.mkomsel.com/	1970-01-20 20:22:00	Name: _ga Value: GA1.1.59187274.1651848317
.facebook.com/	1970-01-20 05:00:24	Name: fr Value: 0VbRg2t0AFuLxVwS2..BidTR9...1.0.BidTR9.
.mkomsel.com/	1970-01-20 12:12:24	Name: __gads Value: ID=1aaa95790acdf51d-225b82cb8dcd00b2:T=1651848317:RT=1651848317:S=ALNI_Mah2aFWbnJ1CgMOzzKIDQV7GflyAw
.doubleclick.net/	1970-01-20 02:50:49	Name: test_cookie Value: CheckForPermission
.mkomsel.com/	1970-01-20 02:50:50	Name: __cf_bm Value: RlYoB60ldn4wjrueFMOkUS87p05oiCukN7ZXP.WZtOk-1651848317-0-AbS9vVsksiAIbf3Q7tZWFZU7qdZtH5BmcAZ+txvEmY9BrlP++7MrWU0moAEdzBm+50o/qVKXn5+W0oIrqNTMdwFEw5CV740+8SOempbHC9CHauLHOZb1kw+o9LAkx4SWOw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
is.gd
mkomsel.com
pagead2.googlesyndication.com
partner.googleadservices.com
safefileku.com
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
scontent-frx5-2.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.212.202.252
142.250.184.194
2606:4700:20::6819:ea35
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::a
00c2cf8a3c39fb2890f08bf69cec08c60a9da764ab694903824de7be409894b4
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
0dd99285cda241649432f3200cd124dca9f18e7f2ca9990a86697941b38102da
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16ecba0a1120768eaa3832f603d58d6e89a0b8abe4f3991857365116c55f416c
193acdf05c21c4d3ed0104ab6e91c922a14e905feaeb12279f4eca54b01b9fbd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d1a5f0e5eca890f219d887b0e980f79d19ba2e8640b6df35a5ba9ea8925e73e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f60faf88bd9cd7d81daac015c93c8d5ffa539de986067567d4240502139ac26
316d7d1c93a25aa64054c5e7aba20e7d0e8be8267b80d651b62df74f11177718
3bfd9825c76a167cc0a0c41d756418de51ec1799b6c2099f56185033d77652c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f51c359c70477db482257d9a1ee19286d5aff56a47391d3af3a03963740c321
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42d5057c8e5f0dedc452c01f0f94e4461e869a8d9e23f434c9395368f3c40ec4
43d30eabd06744e3026e3a27469d42f6882ffc99f58e1119c7bb9cc19d192e25
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48510c2601ba479f354bd399317442d41e8c745de57b9e8bc44c9730e231e799
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
5444a7ec66deeea599de9c7805ded6f04ae20a5d1e4fe3988a8cbdde04ba2118
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587c7ecf6b628b8f4ab7a3cffd3e92778e2f975cfeffcaa4f31ef53e0730f47f
5bfe91dc4d217a6c929a6809e843e51a3a7b4d73f14d1f2d19fa6fd7631c3327
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6fa41ba9b4b153c2ba9acf92413543d00d390148463637a5fc7687fb76a19c01
75f23e1c66295abc4e6c5db6b47d7332ca1b877272eacfaa15f7c016e1824d17
7bfa0a0cab3fb4460557191a3f0730141c0a9b55720488036e030f061a404eed
7d1c7f8f93a5d38b6bcc8b2d93f7f18f62ef2180ff35d11103f318cfe2c7a7ba
8c3c01509188d0d1c0e8b4e2cd8a065135b7417d42ccb975927d9178635ca17c
9c6e92c72ec73f6856a2fdafcc4a4e384907ad4ed03d4550713cf311e6155b75
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b07b74f93591a6a796d65cabcee824359b8f18572103a6ed02c804edbd8435d3
be57d39bf89187f9e47a0c38b6f035a307d039c31a96a102ca6234d27155876f
bf2162a0e41b44921f6f5436b733ca72d433d5cbc7259a69163de52e71b66460
c1207bbec831195624c9933523737f6dcf41c048cc7e594732d53449d47c54e8
c16dac787db1f870cd7d6d3f1a2149eda730acd69501b6af64804eee07fbb793
ce50118412318b910daf2c755e380fff3897e8bf4861d30cfc024ceaae82514f
cea5297eef92504dac741d537e93a4d1271607be29bdfdd9aa23258d1ef2e8aa
cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d41d60b69ef560cf53d4c4747d642d4d2360da6578fd883c7aa044b4e4eb7b39
d54f548de0285d0884b36ee7a797a9af64dd5e135920f659ceae78827541faaa
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd734c5ec0ce8e7a5542e5a38f0c9c1b9af3818024f9f204567ab366ab19292f

mkomsel.com Open in urlscan Pro 2a06:98c1:3121::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

89 %IPv6

14 Domains

20 Subdomains

19 IPs

3 Countries

1791 kBTransfer

5217 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mkomsel.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

89 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

1791 kB
Transfer

5217 kB
Size

11
Cookies

58 HTTP transactions
2 data transactions