www.mktbtk.com Open in urlscan Pro
107.180.25.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mktbtk.com/
Effective URL:
https://www.mktbtk.com/
Submission: On December 16 via api (December 16th 2024, 7:25:10 pm UTC) from US — Scanned from US

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 63 HTTP transactions. The main IP is 107.180.25.104, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.mktbtk.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 30th 2024. Valid for: a year.

This is the only time www.mktbtk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	107.180.25.104 107.180.25.104	400754 (GO-DADDY-...) (GO-DADDY-COM-LLC)
4	2607:f8b0:400... 2607:f8b0:400d:c0d::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1 2	23.43.85.29 23.43.85.29	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:400d:c00::9a	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c06::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:11::17cd:6b45	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::67	15169 (GOOGLE) (GOOGLE)
4	2600:1408:ec0... 2600:1408:ec00:28a::228b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
63	14

22 107.180.25.104 (Ashburn, United States)

ASN400754 (GO-DADDY-COM-LLC, US)
PTR: 104.25.180.107.host.secureserver.net

www.mktbtk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mktbtk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0d::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.85.29 (Edison, United States) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-43-85-29.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c00::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:11::17cd:6b45 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::67 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1408:ec00:28a::228b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mktbtk.com www.mktbtk.com mktbtk.com	560 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	76 KB
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13900 csp.secureserver.net — Cisco Umbrella Rank: 13675	564 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	270 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 10742	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	99 KB
63	10

	Domain	Requested by
17	mktbtk.com	www.mktbtk.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	www.mktbtk.com	www.mktbtk.com
4	csp.secureserver.net	img1.wsimg.com
4	pagead2.googlesyndication.com	www.mktbtk.com pagead2.googlesyndication.com
3	www.google-analytics.com	www.mktbtk.com www.google-analytics.com www.googletagmanager.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects www.mktbtk.com
2	fonts.googleapis.com	www.mktbtk.com
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
63	14

This site contains links to these domains. Also see Links.

Domain
brjmf.com
mktbtk.com

Subject Issuer	Validity	Valid
mktbtk.com Go Daddy Secure Certificate Authority - G2	`2024-04-30` - `2025-06-01`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2024-07-15` - `2025-08-16`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2024-10-17` - `2025-11-18`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.mktbtk.com/
Frame ID: 582FA79416BBEA39B88952926DD6BFC7
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 0AB352900A4DABA62A201681202B09AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3365205834637670&output=html&adk=2789807549&adf=3978377772&abgtt=9&lmt=1703885622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.mktbtk.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734377105699&bpp=8&bdt=264&idt=98&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1605339845930&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31089339%2C95344789%2C95345966&oid=2&pvsid=2190742043493170&tmod=1323223520&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=133
Frame ID: 4CCF03D9FD97FE38BBA2CE28A4D38E9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 286184D465F5C98BAEA4ED4E633357F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 98AA95BF7C636EBE3D43922F79FECD6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 960BC1FB5847CF72ECBF90A84E933F4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: F13E1DDBEF0F3AB932DB53D6761F0E32
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4B1289F8309180A3DC6A724E1640140A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD9984F2A2ED83E93646B14510C908E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

موسوعة تفسير الأحلام

Page URL History Show full URLs

http://www.mktbtk.com/ HTTP 307
https://www.mktbtk.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

63
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

14
IPs

1
Countries

1069 kB
Transfer

2097 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://brjmf.com/ar

Search URL Search Domain Scan URL

URL: https://mktbtk.com/

Search URL Search Domain Scan URL

URL: https://mktbtk.com/search.htm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mktbtk.com/ HTTP 307
https://www.mktbtk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mktbtk.com/
Redirect Chain

http://www.mktbtk.com/
https://www.mktbtk.com/

30 KB
5 KB

385ms
74ms

Document
text/html

107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: b4a91a0a6241543365f5b9a7e7e82d19ed943993b79a2ddb1261f32c99b7cbdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 5010
content-type: text/html; charset=windows-1256
date: Mon, 16 Dec 2024 19:25:05 GMT
etag: "2db79b2-76c0-60dacc93cb980-br"
last-modified: Fri, 29 Dec 2023 21:33:42 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://www.mktbtk.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 redirection-mobile.js Show response
mktbtk.com/js/ 12 KB
4 KB 204ms
201ms Script
text/javascript 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://mktbtk.com/js/redirection-mobile.js
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: c5773a0e103cc0b2b0a7f107f57dc1cc0c29d5f361b7f5d3ce3fe9a3ed2ddbc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: "2db79c9-2fa5-555022c4b9640-br"
accept-ranges: bytes
content-length: 3687
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sun, 23 Jul 2017 20:45:05 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 87ms
38ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.mktbtk.com
URL: https://www.mktbtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acfe89e6a7cb4f6586be747174776ddb72059e3fbd6c22b762ed32d541ec0f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: 2993365117944309419
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 19:25:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53295
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ 3 KB
884 B 63ms
32ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Reem+Kufi|Scheherazade&subset=arabic

Requested by

Host: www.mktbtk.com
URL: https://www.mktbtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5bace6373f3bdde18043fdd0dafdcf26994144f6763e584401694da5b45e3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 19:25:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 Main-sap.png
mktbtk.com/imgs/ 44 KB
44 KB 137ms
135ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/Main-sap.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: a724a9bf6b8a197f409e88984840e2f4b8ac2cd72c90aa48e59dee8ab587ae77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 44800
etag: "2db772b-af00-5471534023b00"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 27 Jan 2017 15:34:36 GMT
content-type: image/png
server: Apache

GET
H2 200 icon3.gif
mktbtk.com/imgs/ 1 KB
1 KB 74ms
70ms Image
image/gif 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/icon3.gif
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 4deff4d13ed8f5bca684185c23cbc6d6a4c4e6e8a49b735b9dce77ef0120f521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 1053
etag: "2db78ce-41d-54275316717c0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Tue, 29 Nov 2016 18:59:51 GMT
content-type: image/gif
server: Apache

GET
H2 200 icon4.bmp
mktbtk.com/imgs/ 3 KB
2 KB 79ms
76ms Image
image/bmp 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/icon4.bmp
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: df5183de5bc14ebae270a50a8df4e4bb4ad00852ec7039421dbdbc585d165454

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: "2db78d7-a30-542976ce51280-br"
accept-ranges: bytes
content-length: 1944
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 01 Dec 2016 11:50:18 GMT
vary: Accept-Encoding
server: Apache
content-type: image/bmp

GET
H2 200 Arabic.jpg
mktbtk.com/imgs/ 17 KB
17 KB 71ms
70ms Image
image/jpeg 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/Arabic.jpg
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 63e255c22bc2106b7dab49d954461cb992da2835ea66e36804f20daa7fb7fffb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 17406
etag: "2db76c8-43fe-542973ef08bc0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 01 Dec 2016 11:37:27 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 Brg.png
mktbtk.com/imgs/ 8 KB
8 KB 128ms
128ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/Brg.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 0c2a8d3030ccd80f73553744360964e6d387a3debe4ba0d2094ba67bfc1a83e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 8587
etag: "2db76dc-218b-5429720e61dc0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 01 Dec 2016 11:29:03 GMT
content-type: image/png
server: Apache

GET
H2 200 icon33.gif
mktbtk.com/imgs/ 1 KB
1 KB 71ms
71ms Image
image/gif 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/icon33.gif
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 665551ea5d5296d9f3872ae9fc19086336bc1241f3491b339782f56f7dfcade8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 1053
etag: "2db78d5-41d-5468a01ab7bc0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 20 Jan 2017 17:30:31 GMT
content-type: image/gif
server: Apache

GET
H2 200 224.png
mktbtk.com/imgs/ 5 KB
5 KB 72ms
71ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/224.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: d7159219da2b9ebe1e61631337e521a11d4d4fc8123fd49f8f8edb939d85e390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 5383
etag: "2db7711-1507-546877b236600"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 20 Jan 2017 14:29:44 GMT
content-type: image/png
server: Apache

GET
H2 200 dr2.png
mktbtk.com/imgs/ 10 KB
10 KB 79ms
76ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/dr2.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 19ec5983f26ed42ab6e545fb100678a01c931998ad8e8b6239ebace89dc64aa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 10466
etag: "2db786f-28e2-54649f1de7c00"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Tue, 17 Jan 2017 13:04:48 GMT
content-type: image/png
server: Apache

GET
H2 200 225.png
mktbtk.com/imgs/ 7 KB
7 KB 77ms
75ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/225.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 76d1a43af9acd39647daee45c8c30726df7622d05429f5cf3ee6a7d82f709d8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 7243
etag: "2db76fe-1c4b-5471782de9b40"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 27 Jan 2017 18:19:49 GMT
content-type: image/png
server: Apache

GET
H2 200 235.png
mktbtk.com/imgs/ 12 KB
12 KB 76ms
75ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/235.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: ec45fdfa104e15b4fced8f79fcadd524f63f3fed8b79d831eabdb42b0795535c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 12005
etag: "2db77f3-2ee5-54717695bd840"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 27 Jan 2017 18:12:41 GMT
content-type: image/png
server: Apache

GET
H2 200 226.png
mktbtk.com/imgs/ 7 KB
7 KB 110ms
109ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/226.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: b20685ca84ddec17a46d189f609497c46ab8faf3e976d31c67fee761b5c17339

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 7596
etag: "2db7727-1dac-54689d759be40"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 20 Jan 2017 17:18:41 GMT
content-type: image/png
server: Apache

GET
H2 200 icon5.png
mktbtk.com/imgs/ 5 KB
5 KB 110ms
108ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/icon5.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: a0600ab9b632575fa3ff49aafae4293ce1cd8a2fc32aad2465df50da77ef3a8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 5243
etag: "2db78e5-147b-542976afcca80"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 01 Dec 2016 11:49:46 GMT
content-type: image/png
server: Apache

GET
H2 200 search2.gif
mktbtk.com/imgs/ 2 KB
2 KB 121ms
119ms Image
image/gif 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/search2.gif
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: e681a1bbe396bacf031d3d5b492194484c796e01426827e1ecd3841c7de6e13e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 1570
etag: "2db7939-622-541a36a277a00"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sat, 19 Nov 2016 08:43:20 GMT
content-type: image/gif
server: Apache

GET
H2 200 008.jpg
mktbtk.com/imgs/ 91 KB
91 KB 119ms
117ms Image
image/jpeg 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/008.jpg
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: e6868e5783a97d482452d3ce0b2b476d0a207671378829e91e423cbdb950df3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 93154
etag: "2db774f-16be2-546b0edb7fe00"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sun, 22 Jan 2017 15:56:40 GMT
content-type: image/jpeg
server: Apache

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

17ms
16ms

Script
text/javascript

23.43.85.29
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Server: 23.43.85.29 Edison, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-43-85-29.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-amz-meta-version: 0.4.7
etag: "6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id: 4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires: Mon, 16 Dec 2024 19:55:05 GMT
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Tue, 24 Sep 2024 20:55:06 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-id-2: 9vGw9MUGD2gY+uxzS2O4Fe/f8d+GJS36TxRtfHPK81eNLiUMLTGzoyKzvQuLIHNIMVPK35LXgRg=
cache-control: max-age=1800
timing-allow-origin: *
x-amz-request-id: H8WEN0MZHRM6C9WN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20968
x-amz-server-side-encryption: AES256

Redirect headers

expires: Tue, 16 Dec 2025 19:25:05 GMT
cache-control: max-age=31536000
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length: 0
access-control-allow-origin: *
date: Mon, 16 Dec 2024 19:25:05 GMT
timing-allow-origin: *

GET
H2 200 s.css
www.mktbtk.com/ 919 B
325 B 79ms
78ms Stylesheet
text/css 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mktbtk.com/s.css
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 23a6a9d35f4e050aec4a375f805b8f73dc718f458ecbbd5fbb39a62b1ecfb4f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: "2dbb619-397-5f0ff4797a300-br"
accept-ranges: bytes
content-length: 237
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 29 Dec 2022 22:48:12 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 41ms
31ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Reem+Kufi

Requested by

Host: www.mktbtk.com
URL: https://www.mktbtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96d0e88260328b798a25686f875ef6caea86397975709cae02aecbb7a657fbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 19:24:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon3.gif
www.mktbtk.com/img/ 1 KB
1 KB 76ms
74ms Image
image/gif 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mktbtk.com/img/icon3.gif
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 4deff4d13ed8f5bca684185c23cbc6d6a4c4e6e8a49b735b9dce77ef0120f521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 1053
etag: "2db75d0-41d-545e404168cc0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Thu, 12 Jan 2017 11:28:27 GMT
content-type: image/gif
server: Apache

GET
H2 200 Na_bulsi.jpg
www.mktbtk.com/img/ 32 KB
33 KB 73ms
72ms Image
image/jpeg 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mktbtk.com/img/Na_bulsi.jpg
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: ffc39b4bbb759d0dfed3ed4a0015d5b1dd9684e67e96bc46a76d3518d14e5e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 33268
etag: "2db7483-81f4-545f5b6478dc0"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Fri, 13 Jan 2017 08:35:11 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
14ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mktbtk.com
URL: https://www.mktbtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
age: 6099
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:43:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 17:43:26 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 009.png
mktbtk.com/imgs/ 15 KB
15 KB 112ms
110ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/009.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 0f0a8dfb3396aca7ed4d5092063a8317bcfa7933b92b7b2494ec102fadeb9ae8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 14896
etag: "2db76c6-3a30-546b0e1cc3c00"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sun, 22 Jan 2017 15:53:20 GMT
content-type: image/png
server: Apache

GET
H2 200 02.png
mktbtk.com/imgs/ 288 KB
288 KB 112ms
111ms Image
image/png 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mktbtk.com/imgs/02.png
Requested by: Host: www.mktbtk.com
URL: https://www.mktbtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: f827f15c862ed551917d8af332c406ba55c5e976eaac7878cc9b3e7aa1d5526b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

accept-ranges: bytes
content-length: 294688
etag: "2db776b-47f20-546b0e133a580"
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sun, 22 Jan 2017 15:53:10 GMT
content-type: image/png
server: Apache

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 435 KB
144 KB 29ms
29ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: 4174761130244020438
age: 10333
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:32:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 16:32:52 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147831
x-xss-protection: 0
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
434 B 26ms
23ms XHR
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=91357578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mktbtk.com%2F&ul=en-us&de=windows-1256&dt=%D9%85%D9%88%D8%B3%D9%88%D8%B9%D8%A9%20%D8%AA%D9%81%D8%B3%D9%8A%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AD%D9%84%D8%A7%D9%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=378056268&gjid=1800792305&cid=1891725487.1734377106&tid=UA-10994983-1&_gid=829127636.1734377106&_r=1&_slc=1&z=1639492094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

31c2ab4ea78d5df85ec7352c8e19742ead4dcfd9c9c20f98585a06d745171c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.mktbtk.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
99 KB 72ms
34ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LFSY0FRJLF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6cd981409a361b60a4635854ba7f6bce2c98dc51e320abb0f8da7ea92e1d044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 19:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100604
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 0AB3 0
0 62ms
21ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 85516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 19:39:49 GMT
etag: 17661348622971093804
expires: Sun, 29 Dec 2024 19:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4CCF 0
0 585ms
571ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3365205834637670&output=html&adk=2789807549&adf=3978377772&abgtt=9&lmt=1703885622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.mktbtk.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734377105699&bpp=8&bdt=264&idt=98&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1605339845930&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31089339%2C95344789%2C95345966&oid=2&pvsid=2190742043493170&tmod=1323223520&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=133

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 130375
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 19:25:06 GMT
expires: Mon, 16 Dec 2024 19:25:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 22ms
22ms Fetch
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LFSY0FRJLF&gtm=45je4cc1v9135296021za200&_p=1734377105788&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=en-us&sr=1600x1200&cid=1891725487.1734377106&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.mktbtk.com%2F&dt=%D9%85%D9%88%D8%B3%D9%88%D8%B9%D8%A9%20%D8%AA%D9%81%D8%B3%D9%8A%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AD%D9%84%D8%A7%D9%85&sid=1734377105&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=957
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LFSY0FRJLF&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mktbtk.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:05 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 177 KB
59 KB 23ms
22ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: 1667813206267593936
age: 9796
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:41:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 16:41:50 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60482
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-3365205834637670 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 93ms
54ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3365205834637670?href=https%3A%2F%2Fwww.mktbtk.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c726eff94b8cec9ac1af154841818b9ff32fb8824fbf9306cee933eb82d15ffb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ACnqUt3KrUB3SbWZ_Ilz0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:06 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcEz627ibTeDF8b4uJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQyNDIz0Dw_gCAwCN5kV7"
content-security-policy: script-src 'report-sample' 'nonce-ACnqUt3KrUB3SbWZ_Ilz0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVE6Gdlj2rc-wXKyMAEhhn_HPRZITf_v7SQdrHiu7-kE-8dH7K5QAaH2suigtFvPwEGUW4TykVO0OezWpa1o0cbLykkbEEbi3oO0cMKyLmkZuHgerxH86xoefe54mvvwij7PkCnzA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 77ms
76ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVE6Gdlj2rc-wXKyMAEhhn_HPRZITf_v7SQdrHiu7-kE-8dH7K5QAaH2suigtFvPwEGUW4TykVO0OezWpa1o0cbLykkbEEbi3oO0cMKyLmkZuHgerxH86xoefe54mvvwij7PkCnzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0Mzc3MTA2LDY2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubWt0YnRrLmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3df3488a7bb83d0c9470e04d8d1568a4ac9f3085e9403d8766a36e16f0eec91

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qWz-StelOD6QzxlkyIP4Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:06 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOB2GjteVYXIE76d561BIgNFS6xOgOxY9ElVk8gVu25xGoOxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wtQMzw9QorBxAL8XBM-tu4m01gwtHH15mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwA5chK0A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qWz-StelOD6QzxlkyIP4Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 2861 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 85516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 19:39:49 GMT
etag: 17661348622971093804
expires: Sun, 29 Dec 2024 19:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 98AA 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 85516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 19:39:49 GMT
etag: 17661348622971093804
expires: Sun, 29 Dec 2024 19:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 960B 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 85516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 19:39:49 GMT
etag: 17661348622971093804
expires: Sun, 29 Dec 2024 19:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame F13E 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 85516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 19:39:49 GMT
etag: 17661348622971093804
expires: Sun, 29 Dec 2024 19:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad-ina. Show response
fundingchoicesmessages.google.com/f/AGSKWxWi_XpnhhVNzDSJMnTxFkOolKy2weV6TlUvd4cNCrUS-BUt6OwtBmj0SNBtunR06E8TvWPV27hgqXegaTPJKu7WY8W3izzK2OtrNL2R59pAhsdBEK3Uvzw4nXEdpwVd_EIIsCeJUpn4QFL7jkq0gRDaq-9c4... 54 B
109 B 38ms
37ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWi_XpnhhVNzDSJMnTxFkOolKy2weV6TlUvd4cNCrUS-BUt6OwtBmj0SNBtunR06E8TvWPV27hgqXegaTPJKu7WY8W3izzK2OtrNL2R59pAhsdBEK3Uvzw4nXEdpwVd_EIIsCeJUpn4QFL7jkq0gRDaq-9c43aGcylqj1HqHKNRWKpPD41Q2qlR-ROy/__banner_ad./sponsor-ad-side-ad./boxad3./ad-ina.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5809634e3a940f9f236aea3dbf87b6f24e48a81f36e11c3101df6d1a62443a62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-a3BgHePPLunl2ANmcEr0Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcEz-27ibTWDHnSObGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACb1EXC"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-a3BgHePPLunl2ANmcEr0Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 22ms
21ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: 2157040660662159465
age: 677
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 20:13:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 19:13:50 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15113
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
46ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WQN4O5ezZnfckNwAhR-xAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCMxoe7mVUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAPLFKr8"
content-security-policy: script-src 'report-sample' 'nonce-WQN4O5ezZnfckNwAhR-xAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
29ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r5K8rw0mg5V6w15v-Taecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCD2b92suo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMABBxKyw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r5K8rw0mg5V6w15v-Taecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5XYM4HHrpZPXM7Jy2mGvsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1pBiWMS_i8kpfQZrCBB_qL_M-gOIGb5eYeUAYiEejsl_G3ezCVx403yUUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoZGukZmMUXGAAApuksbg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5XYM4HHrpZPXM7Jy2mGvsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
31ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5QrUQAFLEBgG0fQDOJLaBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCC3puHGZUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAPZkKs0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5QrUQAFLEBgG0fQDOJLaBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXxEgO_LK8n-UJskXTnd3C9hLwbrQiuwnAOqsD1bSj6NkOXCoLQC3bNqavrl07prrWrwlg67oDZ7FOacjvfIMUwizCzIUY5FBFHaCKdoP2O4WQsa2BaElru0IHEGGPB34LpqSjXrQ== Show response
fundingchoicesmessages.google.com/f/ 6 KB
2 KB 88ms
88ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxEgO_LK8n-UJskXTnd3C9hLwbrQiuwnAOqsD1bSj6NkOXCoLQC3bNqavrl07prrWrwlg67oDZ7FOacjvfIMUwizCzIUY5FBFHaCKdoP2O4WQsa2BaElru0IHEGGPB34LpqSjXrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0Mzc3MTA3LDM5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1rdGJ0ay5jb20vIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95d8a48e79dad199bd74cbff8a6bb8a1109fa940d51fbc8dc59904e438f642c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cmZeAj_12fyRoCH2sU2wSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcEz-27ibTWBF168bjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgCYQkW5"
content-security-policy: script-src 'report-sample' 'nonce-cmZeAj_12fyRoCH2sU2wSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
30ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v92A0PvzC4OqwCMkQg3JmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCCxa__cio5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAAkGKxc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v92A0PvzC4OqwCMkQg3JmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXrUkyOS7VmmTkU9gitHeSVrO9278pi6efC5k-q3qPWScFEZktBlg_iOvBbDRmfJMjDIVB-MjCe_-GqZlVM_IrPpDo9HMh9h7pbglcW0_pdTe3sPg6R98x84iQ_YdwNe6C_B_1hiw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 55ms
55ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrUkyOS7VmmTkU9gitHeSVrO9278pi6efC5k-q3qPWScFEZktBlg_iOvBbDRmfJMjDIVB-MjCe_-GqZlVM_IrPpDo9HMh9h7pbglcW0_pdTe3sPg6R98x84iQ_YdwNe6C_B_1hiw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0Mzc3MTA3LDQ5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1rdGJ0ay5jb20vIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

847122b7d38f3f8e67b501db31b241d70c164be177236caea96e1486321bfc68

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3gVPkR0HGMtPHHFObBW4mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcEz-27ibTeBA27NfjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgClUkXm"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3gVPkR0HGMtPHHFObBW4mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxV4BXxdJr42b5XonEPrVFpY-rWMObLQexduLrxxQE72YCyA_mW4zPsh2BK_h20yIKuhTl4NTBD39aN2eTOhcfUT-JLVbmiVW2z5B5Cq0au4k-ujKXJLurXEHXXmP57ufS3BHur83w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 48ms
46ms Script
application/javascript 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV4BXxdJr42b5XonEPrVFpY-rWMObLQexduLrxxQE72YCyA_mW4zPsh2BK_h20yIKuhTl4NTBD39aN2eTOhcfUT-JLVbmiVW2z5B5Cq0au4k-ujKXJLurXEHXXmP57ufS3BHur83w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0Mzc3MTA3LDU1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWt0YnRrLmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0c6f7dc3450321bd8174cf59967c2352ca0993cdbd134c934bfd2f3ab35b8bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NCSy6uYmOfuu3T-1GWfDrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcEz-27ibTeDGtZ2zmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACc1EW-"
content-security-policy: script-src 'report-sample' 'nonce-NCSy6uYmOfuu3T-1GWfDrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXJ6BAkBt2QtLcfvZ_X-SwH0uPXXoM7daP8d_z7LqwLvWO7jFSn84sILzBU1M08-mD7_71j-NTOofmKKWoYxdVCuvmjILAJRSicVPgCWnQ5fK5BOrr2ouOXNIsSFlDTbvxBxUe-7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJ6BAkBt2QtLcfvZ_X-SwH0uPXXoM7daP8d_z7LqwLvWO7jFSn84sILzBU1M08-mD7_71j-NTOofmKKWoYxdVCuvmjILAJRSicVPgCWnQ5fK5BOrr2ouOXNIsSFlDTbvxBxUe-7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sn2ju-IX5JS7XWlLlIq6Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCK_4uWsek5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAAAeKvI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sn2ju-IX5JS7XWlLlIq6Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
29ms XHR
text/html 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1Y9JSzIKVQaDbT7VE3fWbxcWVjbut2wwumOhkgWo7XFauX7qR9JQAgHcaimzIguf-764UE-t9upQ70Obh0hmXAJlACT-akdYvSbDDFx4tEBbN_9z9042E7g3mVBoXya9ChHEeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fKU5419r2hWNZuEL5Vp5Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mktbtk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj8t_G3WwCG9YuWMek5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAO6VKrE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fKU5419r2hWNZuEL5Vp5Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mktbtk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 52ms
31ms XHR
application/json 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2cad6d9cb10ce00f1fd20208eabae03782b1d53cbf989bc760ac6bd9490093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13218
date: Mon, 16 Dec 2024 19:25:07 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
282 B 125ms
68ms Fetch
image/gif 2600:1408:c400:11::17cd:6b45
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:11::17cd:6b45 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.mktbtk.com
content-length: 43
x-xss-protection: 1; mode=block
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: image/gif
x-frame-options: DENY

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
282 B 93ms
40ms Fetch
image/gif 2600:1408:c400:11::17cd:6b45
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=www.mktbtk.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=d1d98cfc-e0e9-42c9-9fd2-5e58c76e4726&vtg=d1d98cfc-e0e9-42c9-9fd2-5e58c76e4726&dp=%2F&trace_id=918771d6c2ff4640a2a1a7c60c161d12&cts=2024-12-16T19%3A25%3A07.621Z&hit_id=157cab72-68d4-4ad9-a3a9-f7f02b67b636&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl506879%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%221523218%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1007719889&z=693317438&tce=1734377105328&tcs=1734377105194&tdc=1734377107617&tdclee=1734377105790&tdcles=1734377105790&tdi=1734377105790&tdl=1734377105435&tdle=1734377105194&tdls=1734377105017&tfs=1734377105015&tns=1734377104991&trqs=1734377105328&tre=1734377105405&trps=1734377105402&tles=1734377107617&tlee=0&nt=navigate&LCP=707&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:11::17cd:6b45 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.mktbtk.com
content-length: 43
x-xss-protection: 1; mode=block
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: image/gif
x-frame-options: DENY

GET
H2 200 favicon.ico
www.mktbtk.com/ 1 KB
1004 B 72ms
71ms Other
image/x-icon 107.180.25.104
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mktbtk.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.25.104 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS: 104.25.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 70187d3ae9f731498df7759afc07f0980533676b679af0e42e7f06ebec8d7146

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: br
etag: "2db7408-57e-517b2a37c4080-br"
accept-ranges: bytes
content-length: 889
date: Mon, 16 Dec 2024 19:25:07 GMT
last-modified: Thu, 04 Jun 2015 15:14:58 GMT
vary: Accept-Encoding
server: Apache
content-type: image/x-icon

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 69ms
23ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mktbtk.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:25:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 19:25:07 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4B12 0
0 66ms
21ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 18:53:38 GMT
expires: Mon, 16 Dec 2024 19:43:38 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame DD99 0
0 78ms
32ms Document
text/html 2607:f8b0:400d:c00::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kjgO4bol00CS1nVXmOMYhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mktbtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kjgO4bol00CS1nVXmOMYhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 19:25:07 GMT
expires: Mon, 16 Dec 2024 19:25:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ Frame 0
0 103ms
31ms Preflight
application/json 2600:1408:ec00:28a::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.mktbtk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 16 Dec 2024 19:25:07 GMT
Expires: Mon, 16 Dec 2024 19:25:07 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: C5i3LETTIAMEudg=
x-amzn-requestid: 55aec77e-6f32-408d-b620-af9048951b25
x-amzn-trace-id: Root=1-67607e93-61a272641773426b1784b970
x-envoy-upstream-service-time: 6

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 136ms
136ms Fetch
application/json 2600:1408:ec00:28a::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
Referer: https://www.mktbtk.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: C5i3LERTIAMEVAA=
x-envoy-upstream-service-time: 93
Pragma: no-cache
x-amzn-trace-id: Root=1-67607e93-433ea41573318a8b6b2a484a
Connection: keep-alive
x-amzn-requestid: 4516a901-d859-4aac-accc-6f5b4b7f0cdb
Expires: Mon, 16 Dec 2024 19:25:08 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 16 Dec 2024 19:25:08 GMT
Content-Type: application/json

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 118ms
116ms Fetch
application/json 2600:1408:ec00:28a::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
Referer: https://www.mktbtk.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: C5i3LEdVIAMEutg=
x-envoy-upstream-service-time: 97
Pragma: no-cache
x-amzn-trace-id: Root=1-67607e93-486fadad0a82edea054eb88b
Connection: keep-alive
x-amzn-requestid: 917d1934-1622-4368-85fb-57d7c2146c7d
Expires: Mon, 16 Dec 2024 19:25:08 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 16 Dec 2024 19:25:08 GMT
Content-Type: application/json

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ Frame 0
0 109ms
38ms Preflight
application/json 2600:1408:ec00:28a::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.mktbtk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 16 Dec 2024 19:25:07 GMT
Expires: Mon, 16 Dec 2024 19:25:07 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: C5i3LH44IAMEsrg=
x-amzn-requestid: d564a723-649e-4a68-af34-222197781991
x-amzn-trace-id: Root=1-67607e93-7c79cb2351b891053692041c
x-envoy-upstream-service-time: 6

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=2190742043493170&bg=!wsGlwY7NAAbtGp3CzRo7ADQBe5WfOI_fGNFax5i9OISR_nefajdvi-4BKpDYtCnoC3HT1PJxAfqkiiAutmVyMt6ZwrGFAgAAAExSAAAAA2gBB34ANmQvBjNJvlm0ZEsOl7ZDRDcycjDRQ3CoLp9bPbj0BK9oStFmdMLCkpeWM4oIHg_BYcPHIuFdDAoAecD4hM0qelkBXUqecsPtdDrfLIO26ttC8ILqACed3uqrMpeCpdbX2FJdjVnsj92zR1gppUs94tCl1GvzjY1gz6yoHnonVCsnyQeMX4OjXG7XApRt4M79dYSS5LEohiRB27epC_tRjGstIK2Zmz1s6WaW9OlIcaUpRSiZAq1-ejG4nLTTwMGaTHoWkNKGagMpIDiX5o9P1FS-raYHpwpkuyfOvs67Hp2fQgPDBA3Mj8RkyxnJZ2aaGpHawK_-pZ_t4h6boGNakAPPzWtiyMUBeDEr6cMLf048cGbjA1vpu86Gxq1TcwiEDmXA8_xgqL2wZ3zD3qqidwSCx9JntKs6c0ihJn1K35WYrKZE4HaO0hLtt1VWAzz44UeBAQhb0h39dLjp6mQ3oicPxE_xDju6vpeb7fptVkYkSDPP8QWMie2uG1icAoH7Al_Y3mECKbONGgHSJS57gltHbMqiwsu5bSINBX5wq3KskGRhxfR7NibSKQfUqwKmaHRuP2DPoJxQSoy_epXI5oiF97fO2cKiFxTEh4pzRxSVHfuZZi-Lrpe_VN_bnPDQnuMfkFagNMBsEd2KKCk0Q_ymzE6uGgQDdBEgyolz0XATwAUj3HZgtQ7QxVtl9LnDYIqVax8HFJfiiLvYNodUSpMb20igvaMFJUP_M60LW3fbGHCtP8X-fDLIFV4dPvNoXj2-O8ibtf9BV7WD6w1KL_RxDfa_NhU5RlmDaD4VvK54DCZEdG8FoGZd7r90D8-C1RzNusf9tdU6KEAlwbZRDTPf28KVXnIVXvJ1Cq-napU07w9iJ3KPJ6x8O4XAvIzV7NRZuim9bzJg6_1cGczp5HIJ9kP3kJD9-W9fAJ8Q3XURDveAiGFJelwmbXVHqRxmCZsRG831yrWyfeFp8Di9oJ7WitvFeyDIhpkuHAaxlqifEO3xt7-ppf980S5UhNiytZu2GggX1xbnkCctbpnSWAgSmrxTx8eogtf9odtdhY0e3gWD-WHYJ9mjh8PorB8PHQW8hC3gBvwlfIfkLrVyLz5r4eDw-p0j-MUszfowTSpSWCMSMBp_QtMcHMG6FwlFWOem

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mktbtk.com/	1970-01-21 11:22:17	Name: _ga Value: GA1.2.1891725487.1734377106
.mktbtk.com/	1970-01-21 01:47:43	Name: _gid Value: GA1.2.829127636.1734377106
.mktbtk.com/	1970-01-21 01:46:17	Name: _gat Value: 1
.mktbtk.com/	1970-01-21 10:31:53	Name: _tccl_visitor Value: d1d98cfc-e0e9-42c9-9fd2-5e58c76e4726
.mktbtk.com/	1970-01-21 01:46:18	Name: _tccl_visit Value: d1d98cfc-e0e9-42c9-9fd2-5e58c76e4726
.mktbtk.com/	1970-01-21 01:46:18	Name: _scc_session Value: pc=1&C_TOUCH=2024-12-16T19:25:05.771Z
.mktbtk.com/	1970-01-21 11:22:17	Name: _ga_LFSY0FRJLF Value: GS1.2.1734377105.1.0.1734377105.0.0.0
.doubleclick.net/	1970-01-21 11:22:17	Name: IDE Value: AHWqTUn4bvgPy9VCRagdxHh8EBsiUtzlR3MBA8xoxHxcbIcmpOU7J9qlicZP9-BP
.mktbtk.com/	1970-01-21 11:07:53	Name: __gads Value: ID=904337320475123f:T=1734377105:RT=1734377105:S=ALNI_Ma3XgS5LjvsSDslB7FHNGYvPozJQg
.mktbtk.com/	1970-01-21 11:07:53	Name: __gpi Value: UID=00000fb66096c177:T=1734377105:RT=1734377105:S=ALNI_Mb7lF2WTEL4sM9ZnHT9VZeKRiNmWA
.mktbtk.com/	1970-01-21 06:05:29	Name: __eoi Value: ID=91cb9f8be8ffa3c6:T=1734377105:RT=1734377105:S=AA-AfjZGI5pohkWRU-3R6-BuCujm
.adnxs.com/	1970-01-21 11:22:17	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:55:53	Name: CMPS Value: 1330
.teads.tv/	1970-01-21 10:30:26	Name: tt_viewer Value: 70f7e4c5-cb56-45f8-8f2b-700f29935144
.doubleclick.net/	1970-01-21 02:29:29	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 06:05:29	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 10:31:53	Name: CMID Value: Z2B.ktHM66wAADbHA934sAAA
.casalemedia.com/	1970-01-21 03:55:53	Name: CMPRO Value: 1330
.mktbtk.com/	1970-01-21 10:31:53	Name: FCNEC Value: %5B%5B%22AKsRol9y7Bx2IWvHjKqRwAyg4TfuP6ygEc4Hccjgp6Zo9GLNA0IIwOeNi2y-4dTZEae7UK5SvUxXJ6OSlpa1oujvmP8ngCiNh_xZ5YBB9wgTA2AaffHrG47q56_ho9Vz2U49EiqVKW9mS_hHwMz98j_llylmGJnlUA%3D%3D%22%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.mktbtk.com/ Message: Mixed Content: The page at 'https://www.mktbtk.com/' was loaded over HTTPS, but requested an insecure element 'http://www.mktbtk.com/img/icon3.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.mktbtk.com/ Message: Mixed Content: The page at 'https://www.mktbtk.com/' was loaded over HTTPS, but requested an insecure element 'http://www.mktbtk.com/img/Na_bulsi.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.secureserver.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
events.api.secureserver.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
img1.wsimg.com
mktbtk.com
pagead2.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mktbtk.com
ep1.adtrafficquality.google
107.180.25.104
23.43.85.29
2600:1408:c400:11::17cd:6b45
2600:1408:ec00:28a::228b
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::64
2607:f8b0:4004:c19::61
2607:f8b0:400d:c00::67
2607:f8b0:400d:c00::9a
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0d::9c
0c2a8d3030ccd80f73553744360964e6d387a3debe4ba0d2094ba67bfc1a83e1
0c2cad6d9cb10ce00f1fd20208eabae03782b1d53cbf989bc760ac6bd9490093
0f0a8dfb3396aca7ed4d5092063a8317bcfa7933b92b7b2494ec102fadeb9ae8
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
19ec5983f26ed42ab6e545fb100678a01c931998ad8e8b6239ebace89dc64aa2
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
23a6a9d35f4e050aec4a375f805b8f73dc718f458ecbbd5fbb39a62b1ecfb4f5
31c2ab4ea78d5df85ec7352c8e19742ead4dcfd9c9c20f98585a06d745171c14
4deff4d13ed8f5bca684185c23cbc6d6a4c4e6e8a49b735b9dce77ef0120f521
5809634e3a940f9f236aea3dbf87b6f24e48a81f36e11c3101df6d1a62443a62
63e255c22bc2106b7dab49d954461cb992da2835ea66e36804f20daa7fb7fffb
665551ea5d5296d9f3872ae9fc19086336bc1241f3491b339782f56f7dfcade8
70187d3ae9f731498df7759afc07f0980533676b679af0e42e7f06ebec8d7146
76d1a43af9acd39647daee45c8c30726df7622d05429f5cf3ee6a7d82f709d8b
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
847122b7d38f3f8e67b501db31b241d70c164be177236caea96e1486321bfc68
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
95d8a48e79dad199bd74cbff8a6bb8a1109fa940d51fbc8dc59904e438f642c5
96d0e88260328b798a25686f875ef6caea86397975709cae02aecbb7a657fbe5
a0600ab9b632575fa3ff49aafae4293ce1cd8a2fc32aad2465df50da77ef3a8c
a724a9bf6b8a197f409e88984840e2f4b8ac2cd72c90aa48e59dee8ab587ae77
acfe89e6a7cb4f6586be747174776ddb72059e3fbd6c22b762ed32d541ec0f78
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20685ca84ddec17a46d189f609497c46ab8faf3e976d31c67fee761b5c17339
b4a91a0a6241543365f5b9a7e7e82d19ed943993b79a2ddb1261f32c99b7cbdd
b5bace6373f3bdde18043fdd0dafdcf26994144f6763e584401694da5b45e3c2
c0c6f7dc3450321bd8174cf59967c2352ca0993cdbd134c934bfd2f3ab35b8bf
c5773a0e103cc0b2b0a7f107f57dc1cc0c29d5f361b7f5d3ce3fe9a3ed2ddbc6
c726eff94b8cec9ac1af154841818b9ff32fb8824fbf9306cee933eb82d15ffb
d7159219da2b9ebe1e61631337e521a11d4d4fc8123fd49f8f8edb939d85e390
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5183de5bc14ebae270a50a8df4e4bb4ad00852ec7039421dbdbc585d165454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e681a1bbe396bacf031d3d5b492194484c796e01426827e1ecd3841c7de6e13e
e6868e5783a97d482452d3ce0b2b476d0a207671378829e91e423cbdb950df3a
ec45fdfa104e15b4fced8f79fcadd524f63f3fed8b79d831eabdb42b0795535c
f3df3488a7bb83d0c9470e04d8d1568a4ac9f3085e9403d8766a36e16f0eec91
f6cd981409a361b60a4635854ba7f6bce2c98dc51e320abb0f8da7ea92e1d044
f827f15c862ed551917d8af332c406ba55c5e976eaac7878cc9b3e7aa1d5526b
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffc39b4bbb759d0dfed3ed4a0015d5b1dd9684e67e96bc46a76d3518d14e5e3e

www.mktbtk.com Open in urlscan Pro 107.180.25.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

85 %IPv6

10 Domains

14 Subdomains

14 IPs

1 Countries

1069 kBTransfer

2097 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mktbtk.com Open in urlscan Pro
107.180.25.104 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

14
IPs

1
Countries

1069 kB
Transfer

2097 kB
Size

19
Cookies

63 HTTP transactions
0 data transactions