group-fs.com Open in urlscan Pro
2606:4700::6810:1130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://group-fs.com/
Submission: On February 03 via manual (February 3rd 2022, 11:34:32 am UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 29 domains to perform 103 HTTP transactions. The main IP is 2606:4700::6810:1130, located in United States and belongs to CLOUDFLARENET, US. The main domain is group-fs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time group-fs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	2606:4700::68... 2606:4700::6810:1130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	3.232.242.170 3.232.242.170	14618 (AMAZON-AES) (AMAZON-AES)
3 12	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.132.130.160 142.132.130.160	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2	159.69.59.100 159.69.59.100	24940 (HETZNER-AS) (HETZNER-AS)
2 2	91.220.120.21 91.220.120.21	202173 (MAXIMATEL...) (MAXIMATELECOM)
1 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	116.202.236.172 116.202.236.172	24940 (HETZNER-AS) (HETZNER-AS)
3 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	81.163.17.245 81.163.17.245	49505 (SELECTEL) (SELECTEL)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	82.148.20.2 82.148.20.2	49505 (SELECTEL) (SELECTEL)
2 3	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
1 1	176.122.21.226 176.122.21.226	48096 (ITGRAD) (ITGRAD)
1 1	193.232.151.161 193.232.151.161	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
103	21

63 2606:4700::6810:1130 (United States)

ASN13335 (CLOUDFLARENET, US)

group-fs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 193.232.150.45 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp18.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.132.130.160 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.160.130.132.142.clients.your-server.de

sync.mediatoday.iae.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.150 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

instreamvideo-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.59.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.220.120.21 (Moscow, Russian Federation) 2 redirects

ASN202173 (MAXIMATELECOM, RU)

tms.dmp.wi-fi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.236.172 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.172.236.202.116.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.163.17.245 (Russian Federation) 2 redirects

ASN49505 (SELECTEL, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

mediainstinct-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.20.2 (Russian Federation)

ASN49505 (SELECTEL, RU)

essitydmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.101.186 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.226 (Novorossiysk, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.151.161 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)

id.uma.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	group-fs.com group-fs.com	751 KB
12	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	17 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	337 KB
5	google.com www.google.com — Cisco Umbrella Rank: 13	38 KB
4	iae.one 4 redirects sync.mediatoday.iae.one — Cisco Umbrella Rank: 81417	1 KB
4	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	2 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3286	665 B
2	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	whiteboxdigital.ru 2 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 30411	1 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	1 KB
2	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	935 B
2	wi-fi.ru 2 redirects tms.dmp.wi-fi.ru — Cisco Umbrella Rank: 105549	1 KB
2	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 21128	139 B
2	rutarget.ru 2 redirects instreamvideo-sync.rutarget.ru — Cisco Umbrella Rank: 446314 mediainstinct-sync.rutarget.ru — Cisco Umbrella Rank: 142914	875 B
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 404	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	487 B
1	uma.media 1 redirects id.uma.media — Cisco Umbrella Rank: 239691	502 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 56157	165 B
1	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 46144	230 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 816	348 B
1	essitydmp.ru essitydmp.ru	797 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 25947	163 B
1	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 13446	201 B
1	google.se www.google.se — Cisco Umbrella Rank: 20475	501 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	216 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	42 KB
103	29

	Domain	Requested by
63	group-fs.com	group-fs.com
12	px.adhigh.net	3 redirects group-fs.com px.adhigh.net
5	www.google.com	group-fs.com www.gstatic.com www.google.com
4	sync.mediatoday.iae.one	4 redirects
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com group-fs.com
3	sync.1dmp.io	2 redirects px.adhigh.net
3	cm.g.doubleclick.net	3 redirects
2	an.yandex.ru	1 redirects px.adhigh.net
2	ads.betweendigital.com	1 redirects px.adhigh.net
2	x.bidswitch.net	2 redirects
2	mitdmp.whiteboxdigital.ru	2 redirects
2	dmg.digitaltarget.ru	1 redirects px.adhigh.net
2	x01.aidata.io	1 redirects px.adhigh.net
2	tms.dmp.wi-fi.ru	2 redirects
2	sync.dmp.otm-r.com	px.adhigh.net
2	secure.adnxs.com	1 redirects px.adhigh.net
2	redirect.frontend.weborama.fr	2 redirects
2	fonts.gstatic.com	www.google.com
1	id.uma.media	1 redirects
1	ads.adlook.me	1 redirects
1	prodmp.ru	px.adhigh.net
1	ce.lijit.com	px.adhigh.net
1	essitydmp.ru	px.adhigh.net
1	mediainstinct-sync.rutarget.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	instreamvideo-sync.rutarget.ru	1 redirects
1	ssp.adriver.ru	px.adhigh.net
1	www.google.se	group-fs.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.ipify.org	www.googletagmanager.com
1	www.googletagmanager.com	group-fs.com
103	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
ltmse.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
prodmp.ru R3	`2021-12-14` - `2022-03-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://group-fs.com/
Frame ID: 1DC0CB91E1F27B1600DB6F7BDF4100F6
Requests: 76 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&co=aHR0cHM6Ly9ncm91cC1mcy5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8oyouy17v0zq
Frame ID: 9B8895384345241495CBFF635C766FB5
Requests: 8 HTTP requests in this frame

Frame: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Frame ID: 007C9BD1295B1C4E3C2AFA7BBAC82120
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Послуги кібербезпеки: замовити інформаційну безпеку | FSG

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

84 %
HTTPS

28 %
IPv6

29
Domains

32
Subdomains

21
IPs

6
Countries

1212 kB
Transfer

2415 kB
Size

50
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GroupFS

Search URL Search Domain Scan URL

URL: https://twitter.com/_FS_GROUP_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/14857933/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf=&pl=443304750 HTTP 302
https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf=&pl=443304750&bounced=1

Request Chain 55

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fweborama%3Fu%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fweborama%3Fu%3D%7BWEBO_CID%7D&bounce=1&random=1410543883 HTTP 302
https://px.adhigh.net/p/cm/weborama?u=n89uVtmaO1Yw1Sbl2vSJ/u

Request Chain 56

https://secure.adnxs.com/setuid?entity=381&code=M7chO6wsaZP.AikABlF-v11FwQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D381%26code%3DM7chO6wsaZP.AikABlF-v11FwQ

Request Chain 57

https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ&chk=1 HTTP 302
https://instreamvideo-sync.rutarget.ru/sync HTTP 302
https://sync.mediatoday.iae.one/match/segmento?id=3NjvjZj32N0O HTTP 302
https://px.adhigh.net/p/cm/traffaret?u=NGM1ODQ3YTNhYWMyYjFkOA HTTP 302
https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://sync.dmp.otm-r.com/match/mediatoday?id=NGM1ODQ3YTNhYWMyYjFkOA

Request Chain 58

https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=M7chO6wsaZP.AikABlF-v11FwQ&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fqvntstr%3Fu%3D[UID] HTTP 302
https://px.adhigh.net/p/cm/qvntstr?u=V5E8z9BsSCaEW-pa_awPRQ

Request Chain 60

https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ&bounce=1

Request Chain 61

https://exchange.buzzoola.com/cookiesync/redirect/getintent?redirect_url=https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ HTTP 301
https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_cm&google_hm=ReTtoBMHVAsAAikABlF-v11FwQ%3D%3D&google_ula= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_cm=&google_hm=ReTtoBMHVAsAAikABlF-v11FwQ%3D%3D&google_ula=&google_tc= HTTP 302
https://px.adhigh.net/p/cm/goog_rub?google_ula=,5&google_gid=CAESEJOGOD9snmRMkdTspKSMhSc&google_cver=1

Request Chain 63

https://dmg.digitaltarget.ru/1/3164/i/i?a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141

Request Chain 64

https://mitdmp.whiteboxdigital.ru/pixel?id=M7chO6wsaZP.AikABlF-v11FwQ&source=getintent&redirect=true HTTP 302
https://mediainstinct-sync.rutarget.ru/sync HTTP 302
https://mitdmp.whiteboxdigital.ru/pixel?id=19-REk07wfXA&source=segmento&redirect=true HTTP 302
https://essitydmp.ru/pixel?source=mi&id=ccb69bd1-f269-4780-8ebd-17914a7e1f5e

Request Chain 65

https://sync.1dmp.io/pixel.gif?cid=5a6708a9-7d96-46f1-b264-b6dc4617f958&pid=w&uid=M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://sync.1dmp.io/pixel.gif?cid=5a6708a9-7d96-46f1-b264-b6dc4617f958&pid=w&uid=M7chO6wsaZP.AikABlF-v11FwQ&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_gid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_cver=1

Request Chain 66

https://x.bidswitch.net/sync?dsp_id=9&user_id=M7chO6wsaZP.AikABlF-v11FwQ&expires=30&user_group=2 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=9&user_id=M7chO6wsaZP.AikABlF-v11FwQ&expires=30&user_group=2 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=02a7cdc2-80fe-4a01-8f6e-505b30fe5d76

Request Chain 67

https://ads.betweendigital.com/match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ&crf=1

Request Chain 69

https://ads.adlook.me/csync?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fadlook%3Fu%3D%7BuserId%7D HTTP 302
https://px.adhigh.net/p/cm/adlook?u=b35b24577e7f40fab748341133f6bbcd

Request Chain 70

https://id.uma.media/return?to=https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z= HTTP 302
https://px.adhigh.net/p/cm/uma_cid_store?a=b?b=c&z=&_uma_cid=oZfoAcS9-2Fkq_ONI3sC-w HTTP 302
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=M7chO6wsaZP.AikABlF-v11FwQ&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fqvntstr%3Fu%3D[UID] HTTP 302
https://px.adhigh.net/p/cm/qvntstr?u=doc9JawXR7ijhWzLuzP-vg

Request Chain 71

https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ HTTP 302
https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ?redir-setuniq=1

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
group-fs.com/ 86 KB
17 KB 656ms
590ms Document
text/html 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21cf2fc8bed1710902f90a594579088d78a484f8d6d02b666f3b60ed99221635

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-type: text/html; charset=UTF-8
link: <https://group-fs.com/>; rel=shortlink
strict-transport-security: max-age=604800
content-security-policy: frame-ancestors 'self';
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d7b59a249fc92ad-FRA
content-encoding: gzip

GET
H2 200 style.min.css
group-fs.com/wp-includes/css/dist/block-library/ 77 KB
14 KB 91ms
89ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jan 2022 03:53:49 GMT
server: cloudflare
etag: W/"61f0c5cd-1357b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b5d92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 styles.css
group-fs.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 106ms
105ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Nov 2021 07:16:32 GMT
server: cloudflare
etag: W/"619c9550-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b5f92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 style.css
group-fs.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 2 KB
692 B 91ms
89ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/style.css?ver=1

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6168a87576d63180b04a0ba72f816c50fb89ff565bf01fd362eb37cba7773

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:50 GMT
server: cloudflare
etag: W/"60f56b52-716"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b6192ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 vendor.min.css
group-fs.com/wp-content/themes/fsg/packed/ 195 KB
33 KB 89ms
88ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/packed/vendor.min.css

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b751fe45a64a3d7307394186dac463a819c2b5554acefc23360d7f215a1a3465

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-30b70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b6292ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 swiper.min.css
group-fs.com/wp-content/themes/fsg/vendor/swiper/css/ 17 KB
3 KB 105ms
104ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/swiper/css/swiper.min.css

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-455f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b6692ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 magnific-popup.min.css
group-fs.com/wp-content/themes/fsg/vendor/magnific/ 5 KB
2 KB 98ms
97ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/magnific/magnific-popup.min.css

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-1473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a61b6892ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 menu.css
group-fs.com/wp-content/themes/fsg/vendor/mobileMenu/ 801 B
369 B 112ms
112ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/mobileMenu/menu.css

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2faf96a05508611583e6270219a9062369883119226b12e598e6355ba8e911

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-321"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a62b8192ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 animate.min.css
group-fs.com/wp-content/themes/fsg/vendor/animate/ 52 KB
5 KB 104ms
103ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/animate/animate.min.css

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a62b8392ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 style.css
group-fs.com/wp-content/themes/fsg/ 60 KB
13 KB 103ms
102ms Stylesheet
text/css 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732cfac336118cd59d2b1a40b85d92abf901d6cd14db16de8b2064ba7ea624a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Aug 2021 06:33:22 GMT
server: cloudflare
etag: W/"610791b2-ef9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a62b8692ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 script.js Show response
group-fs.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 2 KB
783 B 104ms
104ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.js?ver=1

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2d1114a960c43692ad2909005aa641bc406fb1f6c5714bc2d2185b5c3b2129

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:50 GMT
server: cloudflare
etag: W/"60f56b52-768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a62b8a92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 jquery.min.js Show response
group-fs.com/wp-includes/js/jquery/ 87 KB
35 KB 105ms
105ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Jul 2021 03:55:13 GMT
server: cloudflare
etag: W/"60f79aa1-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a63b9d92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
group-fs.com/wp-includes/js/jquery/ 11 KB
5 KB 108ms
108ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:45 GMT
server: cloudflare
etag: W/"60f56b4d-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a63b9f92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 logo.png
group-fs.com/wp-content/uploads/2020/12/ 4 KB
4 KB 118ms
116ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/logo.png

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f382ed5d72cef34d27861a21b645da0e1eeacde63a7adf646c129d13ee2867

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-fb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6ed6692ad-FRA
content-length: 4021
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 loadImg.gif
group-fs.com/wp-content/themes/fsg/img/ 9 KB
9 KB 106ms
105ms Image
image/gif 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/loadImg.gif

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7983d92d94ac1327a01aae67c2713fef1f541d59ce98cb3b7535b3a69beeb86f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-2557"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6ed6892ad-FRA
content-length: 9559
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
42 KB 85ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRR7T72

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72e46fd5d17abc688a1c6f5d7a7a417e0c065435649da912220ea1d1688c5153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42998
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:34:27 GMT

GET
H2 200 wp-emoji-release.min.js Show response
group-fs.com/wp-includes/js/ 18 KB
6 KB 107ms
106ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Jul 2021 03:55:13 GMT
server: cloudflare
etag: W/"60f79aa1-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6ed6a92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 email-decode.min.js Show response
group-fs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
831 B 20ms
19ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 10:01:18 GMT
server: cloudflare
etag: W/"61f26d6e-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6d7b59a6dd1992ad-FRA
vary: Accept-Encoding
expires: Sat, 05 Feb 2022 11:34:27 GMT

GET
H2 200 regenerator-runtime.min.js Show response
group-fs.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 68ms
68ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jan 2022 03:53:49 GMT
server: cloudflare
etag: W/"61f0c5cd-195e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6dd1a92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 wp-polyfill.min.js Show response
group-fs.com/wp-includes/js/dist/vendor/ 19 KB
8 KB 136ms
134ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jan 2022 03:53:49 GMT
server: cloudflare
etag: W/"61f0c5cd-4b3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6ed5392ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 index.js Show response
group-fs.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 97ms
95ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Nov 2021 07:16:32 GMT
server: cloudflare
etag: W/"619c9550-2e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6ed5e92ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 swiper.js Show response
group-fs.com/wp-content/themes/fsg/vendor/swiper/js/ 119 KB
37 KB 121ms
119ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/swiper/js/swiper.js

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ae6761ac91196e73320597482170b0ba7da45a1fdd9352cb98f9a99fb3882f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-1dd37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6ed6392ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 72ms
28ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&ver=3.0

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f77d165c6567f0b1423f13bb947f747aa738cfc47b756e7a9e607704b89e2766

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:34:27 GMT

GET
H2 200 index.js Show response
group-fs.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
633 B 106ms
105ms Script
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.2

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Nov 2021 07:16:32 GMT
server: cloudflare
etag: W/"619c9550-3a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6ed6592ad-FRA
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 search.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 717 B
531 B 38ms
38ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/search.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67d96813245094cee07ec20801cd9841169c897bf01c0e845cebf82541546d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143784
etag: W/"60f56b4f-2cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd6f92ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 close.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 847 B
557 B 36ms
35ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/close.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc9c2be4bad46bb814d9140a74058bfd0e742355b287ba5be2d5283df2d9ef2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143784
etag: W/"60f56b4f-34f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd7292ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 swiper-arrow.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 172 B
230 B 102ms
101ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/swiper-arrow.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfab62196eb19987b3648aa51aa4f8f39a774e575a1474ddd0417e85ae36a1fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd7492ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 circle-okey.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 594 B
412 B 112ms
112ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/circle-okey.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce84c7ecdbd5b581a278fe4f45914dc21999d6b5cac5984c476320a5ab37d838

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-252"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd7792ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 down.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 151 B
219 B 111ms
111ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/down.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e48f1f5bc8761a4c6e51322670c5f3db68a23612a7d24d11f42bf501fb8661

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd7b92ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 phone.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 968 B
694 B 31ms
30ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/phone.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c063f47934e04a1227c5cc07f35ea8b53191361a89f4f4b1b4035578cf78005

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143783
etag: W/"60f56b4f-3c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd7f92ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 email.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 1 KB
825 B 32ms
32ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/email.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3263afbe6691b78101dfe92ffde5049513d10b89ee4945081b6e953fef6153ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143782
etag: W/"60f56b4f-5ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd8492ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 adres.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 765 B
500 B 31ms
31ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/adres.svg

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8ac05287b7a59bf590e5b3f9b5c4936aad3883f7a0039425cd444184584ceec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143782
etag: W/"60f56b4f-2fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59a6fd8592ad-FRA
expires: Sun, 01 Feb 2032 11:34:27 GMT

GET
H2 200 Montserrat-Regular.woff2
group-fs.com/wp-content/themes/fsg/fonts/Montserrat/ 90 KB
90 KB 99ms
99ms Font
application/octet-stream 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/fonts/Montserrat/Montserrat-Regular.woff2

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98d1ae4d7949176f58e71462bb4510e1db689a7c64186f05bcebd10f0bddae3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-166a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6fd8792ad-FRA
content-length: 91816
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 Roboto.woff2
group-fs.com/wp-content/themes/fsg/fonts/Roboto/ 27 KB
27 KB 113ms
113ms Font
application/octet-stream 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/fonts/Roboto/Roboto.woff2

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-6d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6fd8a92ad-FRA
content-length: 28036
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 Montserrat-SemiBold.woff2
group-fs.com/wp-content/themes/fsg/fonts/Montserrat/ 89 KB
89 KB 110ms
109ms Font
application/octet-stream 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/fonts/Montserrat/Montserrat-SemiBold.woff2

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221ee8bc64ab6762a177ef30dcc2110157e8221de058085c6624cebeefdb19f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-1650c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6fd8b92ad-FRA
content-length: 91404
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 Robotobold.woff2
group-fs.com/wp-content/themes/fsg/fonts/Roboto/ 28 KB
28 KB 107ms
107ms Font
application/octet-stream 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/fonts/Roboto/Robotobold.woff2

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae821332b2141308414524648b5586844ed652408275feed7c4ad71e7b91b10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-6ee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6fd8d92ad-FRA
content-length: 28384
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 Montserrat-Bold.woff2
group-fs.com/wp-content/themes/fsg/fonts/Montserrat/ 90 KB
90 KB 122ms
122ms Font
application/octet-stream 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/fonts/Montserrat/Montserrat-Bold.woff2

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91a0098ef8c674c2fd774fa1822c9c8b796cc640b7c4427e864368ada4775cf2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://group-fs.com/wp-content/themes/fsg/style.css?ver=1.0.0
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-16680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59a6fd8f92ad-FRA
content-length: 91776
expires: Thu, 03 Feb 2022 15:34:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRR7T72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7173
date: Thu, 03 Feb 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 11:34:54 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 32 B
216 B 310ms
101ms Script
application/javascript 3.232.242.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRR7T72
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-242-170.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 32
Vary: Origin
Content-Type: application/javascript

GET
H2 200 p.js Show response
px.adhigh.net/ 10 KB
10 KB 165ms
50ms Script
application/javascript 193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/p.js
Requested by: Host: group-fs.com
URL: https://group-fs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: f4936ba2c4b3b4ace0f6355ea8c53e64b2996f5d12aa1a2f91fb5b624da5cdd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:27 GMT
last-modified: Tue, 21 Dec 2021 13:10:20 GMT
server: nginx
etag: "61c1d23c-291e"
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10526

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ 355 KB
141 KB 59ms
18ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://group-fs.com/
Origin: https://group-fs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 11:34:13 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Feb 2022 12:07:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 72ms
24ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-171275119-1&cid=1976345566.1643888068&jid=1201126102&gjid=2121370925&_gid=146337819.1643888068&_u=aGBAgAAjAAAAAE~&z=1399078356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://group-fs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Feb 2022 11:34:27 GMT
content-type: text/plain
access-control-allow-origin: https://group-fs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=785393831&t=pageview&_s=1&dl=https%3A%2F%2Fgroup-fs.com%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%BA%D1%96%D0%B1%D0%B5%D1%80%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8%3A%20%D0%B7%D0%B0%D0%BC%D0%BE%D0%B2%D0%B8%D1%82%D0%B8%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D1%83%20%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D1%83%20%7C%20FSG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=1201126102&gjid=2121370925&cid=1976345566.1643888068&tid=UA-171275119-1&_gid=146337819.1643888068&gtm=2wg220MRR7T72&cd1=%D0%94%D0%B0%D1%82%D0%B0%3A%203.02.2022%20%7C%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%3A%2011%3A34%3A27%20%7C%20UTC%20%2B00%3A00&cd2=1976345566.1643888068&z=1107994581

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 09:52:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9B88 40 KB
20 KB 66ms
40ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&co=aHR0cHM6Ly9ncm91cC1mcy5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8oyouy17v0zq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3031454aef7efb0a9726dac4c21204e04049776dd670f55f3f084ad6fedbe4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WvlEcgr1LmwkQpHLwQHd1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Feb 2022 11:34:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-WvlEcgr1LmwkQpHLwQHd1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20654
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
41ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-171275119-1&cid=1976345566.1643888068&jid=1201126102&_u=aGBAgAAjAAAAAE~&z=2026227115

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 83ms
41ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-171275119-1&cid=1976345566.1643888068&jid=1201126102&_u=aGBAgAAjAAAAAE~&z=2026227115

Requested by

Host: group-fs.com
URL: https://group-fs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tracking.js Show response
px.adhigh.net/p/
Redirect Chain

https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf...
https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf...

493 B
685 B

52ms
52ms

Script
text/javascript

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf=&pl=443304750&bounced=1
Requested by: Host: group-fs.com
URL: https://group-fs.com/
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: ebdcbc31f234d9751250298a32eb0b10409346f3ed3e3e3a35f753bb016e9ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
content-encoding: gzip
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/javascript;charset=utf-8
content-length: 376
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf=&pl=443304750&bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9B88 51 KB
24 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&co=aHR0cHM6Ly9ncm91cC1mcy5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8oyouy17v0zq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 11:34:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 9B88 355 KB
140 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 11:34:13 GMT

GET
H2 200 sync.html Show response
px.adhigh.net/p/ Frame 007C 3 KB
3 KB 51ms
51ms Document
text/html 193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/tracking.js?site_id=7204&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=&scr=1600x1200x24&uit=1643888068008&ifr=0&tz=0&url=https%3A%2F%2Fgroup-fs.com%2F&rf=&pl=443304750
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: 3f8d07a19f3b1c5c251835e9fd28131ea91892f24db5f897e4ebdb0c97ced9b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/

Response headers

server: nginx
date: Thu, 03 Feb 2022 11:34:28 GMT
content-type: text/html;charset=utf-8
content-length: 934
x-backend-id: f18-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache no-store
content-encoding: gzip

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9B88 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 146080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B88 15 KB
15 KB 59ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 152867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B88 15 KB
16 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 162994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9B88 102 B
134 B 26ms
25ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&co=aHR0cHM6Ly9ncm91cC1mcy5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8oyouy17v0zq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:34:28 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 007C 42 B
201 B 294ms
80ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=112&external_id=M7chO6wsaZP.AikABlF-v11FwQ
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

weborama
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fweborama%3Fu%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fweborama%3Fu%3D%7BWEBO_CID%7D&bounce=1&random=1410543883
https://px.adhigh.net/p/cm/weborama?u=n89uVtmaO1Yw1Sbl2vSJ/u

49 B
326 B

51ms
50ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/weborama?u=n89uVtmaO1Yw1Sbl2vSJ/u
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
via: 1.1 google
last-modified: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx/1.12.0
location: https://px.adhigh.net/p/cm/weborama?u=n89uVtmaO1Yw1Sbl2vSJ/u
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 007C
Redirect Chain

https://secure.adnxs.com/setuid?entity=381&code=M7chO6wsaZP.AikABlF-v11FwQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D381%26code%3DM7chO6wsaZP.AikABlF-v11FwQ

43 B
848 B

23ms
23ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D381%26code%3DM7chO6wsaZP.AikABlF-v11FwQ

Requested by

Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:34:28 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c61063e0-758f-4924-a293-2ca3e12a60b8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:34:28 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e443d3f-6974-4b35-a880-2701e94de0d1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D381%26code%3DM7chO6wsaZP.AikABlF-v11FwQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

mediatoday
sync.dmp.otm-r.com/match/ Frame 007C
Redirect Chain

https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ
https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ&chk=1
https://instreamvideo-sync.rutarget.ru/sync
https://sync.mediatoday.iae.one/match/segmento?id=3NjvjZj32N0O
https://px.adhigh.net/p/cm/traffaret?u=NGM1ODQ3YTNhYWMyYjFkOA
https://sync.mediatoday.iae.one/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ
https://sync.dmp.otm-r.com/match/mediatoday?id=NGM1ODQ3YTNhYWMyYjFkOA

0
69 B

21ms
21ms

Image
text/plain

159.69.59.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/mediatoday?id=NGM1ODQ3YTNhYWMyYjFkOA
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx/1.17.10

Redirect headers

date: Thu, 03 Feb 2022 11:34:28 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://sync.dmp.otm-r.com/match/mediatoday?id=NGM1ODQ3YTNhYWMyYjFkOA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

qvntstr
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=M7chO6wsaZP.AikABlF-v11FwQ&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2...
https://px.adhigh.net/p/cm/qvntstr?u=V5E8z9BsSCaEW-pa_awPRQ

49 B
326 B

52ms
52ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/qvntstr?u=V5E8z9BsSCaEW-pa_awPRQ
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache, no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
location: https://px.adhigh.net/p/cm/qvntstr?u=V5E8z9BsSCaEW-pa_awPRQ
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 0
expires: 0, 0

GET
H2 204 getintent
sync.dmp.otm-r.com/match/ Frame 007C 0
70 B 80ms
21ms Image
text/plain 159.69.59.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/getintent?id=M7chO6wsaZP.AikABlF-v11FwQ
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx/1.17.10

GET
H2

204

0.gif
x01.aidata.io/ Frame 007C
Redirect Chain

https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ
https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ&bounce=1

0
432 B

50ms
50ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ&bounce=1
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
last-modified: Thu, 03 Feb 2022 11:34:27 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 03 Feb 2022 11:34:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
last-modified: Thu, 03 Feb 2022 11:34:27 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=GETINTENT&id=M7chO6wsaZP.AikABlF-v11FwQ&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 03 Feb 2022 11:34:27 GMT

GET
H2

200

buzzoola
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/getintent?redirect_url=https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ
https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ

49 B
326 B

51ms
50ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://px.adhigh.net/p/cm/buzzoola?u=M7chO6wsaZP.AikABlF-v11FwQ
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
content-length: 99
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

goog_rub
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_cm&google_hm=ReTtoBMHVAsAAikABlF-v11FwQ%3D%3D&google_ula=
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_cm=&google_hm=ReTtoBMHVAsAAikABlF-v11FwQ%3D%3D&google_ula=&google_tc=
https://px.adhigh.net/p/cm/goog_rub?google_ula=,5&google_gid=CAESEJOGOD9snmRMkdTspKSMhSc&google_cver=1

49 B
326 B

52ms
51ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/goog_rub?google_ula=,5&google_gid=CAESEJOGOD9snmRMkdTspKSMhSc&google_cver=1
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://px.adhigh.net/p/cm/goog_rub?google_ula=,5&google_gid=CAESEJOGOD9snmRMkdTspKSMhSc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/3164/i/ Frame 007C
Redirect Chain

https://dmg.digitaltarget.ru/1/3164/i/i?a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141
https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141

49 B
602 B

60ms
60ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141

Requested by

Protocol

HTTP/1.1

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 8
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&a=164&e=M7chO6wsaZP.AikABlF-v11FwQ&i=1643888068141
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
Ok

pixel
essitydmp.ru/ Frame 007C
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=M7chO6wsaZP.AikABlF-v11FwQ&source=getintent&redirect=true
https://mediainstinct-sync.rutarget.ru/sync
https://mitdmp.whiteboxdigital.ru/pixel?id=19-REk07wfXA&source=segmento&redirect=true
https://essitydmp.ru/pixel?source=mi&id=ccb69bd1-f269-4780-8ebd-17914a7e1f5e

807 B
797 B

163ms
51ms

Image
image/gif

82.148.20.2
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essitydmp.ru/pixel?source=mi&id=ccb69bd1-f269-4780-8ebd-17914a7e1f5e
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: HTTP/1.1
Server: 82.148.20.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: image/gif
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 60

Redirect headers

Date: Thu, 03 Feb 2022 11:34:28 GMT
Server: nginx/1.21.0
Location: https://essitydmp.ru/pixel?source=mi&id=ccb69bd1-f269-4780-8ebd-17914a7e1f5e
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 007C
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=5a6708a9-7d96-46f1-b264-b6dc4617f958&pid=w&uid=M7chO6wsaZP.AikABlF-v11FwQ
https://sync.1dmp.io/pixel.gif?cid=5a6708a9-7d96-46f1-b264-b6dc4617f958&pid=w&uid=M7chO6wsaZP.AikABlF-v11FwQ&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_gid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_cver=1

35 B
477 B

40ms
40ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_gid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_cver=1
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:28 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_gid=CAESEA4xYWDwAV3qlnkirYZgJVY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 007C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=9&user_id=M7chO6wsaZP.AikABlF-v11FwQ&expires=30&user_group=2
https://x.bidswitch.net/ul_cb/sync?dsp_id=9&user_id=M7chO6wsaZP.AikABlF-v11FwQ&expires=30&user_group=2
https://ce.lijit.com/merge?pid=26&3pid=02a7cdc2-80fe-4a01-8f6e-505b30fe5d76

0
348 B

81ms
25ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=02a7cdc2-80fe-4a01-8f6e-505b30fe5d76
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: HTTP/1.1
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:34:28 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=26&3pid=02a7cdc2-80fe-4a01-8f6e-505b30fe5d76
Date: Thu, 03 Feb 2022 11:34:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 007C
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ&crf=1

68 B
607 B

106ms
106ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ&crf=1
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=37&external_user_id=M7chO6wsaZP.AikABlF-v11FwQ&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 getIntent
prodmp.ru/ Frame 007C 0
230 B 228ms
56ms Image
text/html 193.106.93.124
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/getIntent?uid=M7chO6wsaZP.AikABlF-v11FwQ
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:28 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

adlook
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fadlook%3Fu%3D%7BuserId%7D
https://px.adhigh.net/p/cm/adlook?u=b35b24577e7f40fab748341133f6bbcd

49 B
326 B

50ms
50ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/adlook?u=b35b24577e7f40fab748341133f6bbcd
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:31 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://px.adhigh.net/p/cm/adlook?u=b35b24577e7f40fab748341133f6bbcd
date: Thu, 03 Feb 2022 11:34:31 GMT
server: Kestrel
content-length: 0

GET
H2

200

qvntstr
px.adhigh.net/p/cm/ Frame 007C
Redirect Chain

https://id.uma.media/return?to=https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z=
https://px.adhigh.net/p/cm/uma_cid_store?a=b?b=c&z=&_uma_cid=oZfoAcS9-2Fkq_ONI3sC-w
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=M7chO6wsaZP.AikABlF-v11FwQ&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2...
https://px.adhigh.net/p/cm/qvntstr?u=doc9JawXR7ijhWzLuzP-vg

49 B
326 B

51ms
51ms

Image
image/gif

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/qvntstr?u=doc9JawXR7ijhWzLuzP-vg
Requested by: Host: px.adhigh.net
URL: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache, no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
location: https://px.adhigh.net/p/cm/qvntstr?u=doc9JawXR7ijhWzLuzP-vg
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 0
expires: 0, 0

GET
H2

200

M7chO6wsaZP.AikABlF-v11FwQ
an.yandex.ru/mapuid/getintentis/ Frame 007C
Redirect Chain

https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ
https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ?redir-setuniq=1

43 B
108 B

41ms
41ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ?redir-setuniq=1

Requested by

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://px.adhigh.net/p/sync.html?u=M7chO6wsaZP.AikABlF-v11FwQ&l=adriver,weborama,appnexus,mediatoday,traffaret,qvnt,otm_video,aidata,buzzoola,goog_rub,amberdata,media_instinct,cleverdata,bsw,btw,adspend,adlook,uma_cid_init,yandexssp&site_id=7204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:34:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:34:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:34:28 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:34:28 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/getintentis/M7chO6wsaZP.AikABlF-v11FwQ?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:34:28 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9B88 29 KB
16 KB 64ms
63ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd88b37fc4154ece51aa5f32f99dc49a953095293a6782090cd073de18886d5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkjtQbAAAAANwgb5mZE6U69Nl4ceDRJFo4NEBF&co=aHR0cHM6Ly9ncm91cC1mcy5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8oyouy17v0zq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 03 Feb 2022 11:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16773
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:34:28 GMT

GET
H2 200 popupCookie.min.js Show response
group-fs.com/wp-content/themes/fsg/js/ 494 B
343 B 95ms
95ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/js/popupCookie.min.js?_=1643888067656

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbadef768cb8dfe00c1c6c72152e0eab50126e1ec1bfa3e90a486dcd88eb500

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-1ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0daa692ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
group-fs.com/wp-content/themes/fsg/vendor/magnific/ 20 KB
8 KB 69ms
69ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/magnific/jquery.magnific-popup.min.js?_=1643888067657

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-4ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0daad92ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H2 200 menu.min.js Show response
group-fs.com/wp-content/themes/fsg/vendor/mobileMenu/ 1 KB
637 B 67ms
67ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/mobileMenu/menu.min.js?_=1643888067658

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e22f386588bf2072b259a15b0c625c0fc1479b2d1fc88d4fd779d280cb56c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-44d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0daaf92ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H2 200 wow.min.js Show response
group-fs.com/wp-content/themes/fsg/vendor/wow/ 8 KB
3 KB 68ms
68ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/wow/wow.min.js?_=1643888067659

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-1ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0dab192ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H2 200 network.min.js Show response
group-fs.com/wp-content/themes/fsg/vendor/network/ 4 KB
2 KB 82ms
82ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/vendor/network/network.min.js?_=1643888067660

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398fc8c208460b6feccaacea0bd330c2dd4c93c71af17298ced8578adb2e0f90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0dab392ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H2 200 app.min.js Show response
group-fs.com/wp-content/themes/fsg/js/ 5 KB
2 KB 62ms
62ms XHR
application/javascript 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://group-fs.com/wp-content/themes/fsg/js/app.min.js?_=1643888067661

Requested by

Host: group-fs.com
URL: https://group-fs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0672af07034f1c05e98a425810cec2ecf354c7fef18590301a0dca4300e7b247

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://group-fs.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-14ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c0dab692ad-FRA
expires: Thu, 03 Feb 2022 15:34:31 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=785393831&t=timing&_s=2&dl=https%3A%2F%2Fgroup-fs.com%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%BA%D1%96%D0%B1%D0%B5%D1%80%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8%3A%20%D0%B7%D0%B0%D0%BC%D0%BE%D0%B2%D0%B8%D1%82%D0%B8%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D1%83%20%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D1%83%20%7C%20FSG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4953&pdt=2&dns=28&rrt=0&srt=589&tcp=39&dit=999&clt=999&_gst=963&_gbt=1032&_cst=683&_cbt=935&_u=aGBAgAAjAAAAAE~&jid=&gjid=&cid=1976345566.1643888068&tid=UA-171275119-1&_gid=146337819.1643888068&gtm=2wg220MRR7T72&cd1=%D0%94%D0%B0%D1%82%D0%B0%3A%203.02.2022%20%7C%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%3A%2011%3A34%3A27%20%7C%20UTC%20%2B00%3A00&cd2=1976345566.1643888068&z=1361576299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 09:52:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6142
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h1.svg
group-fs.com/wp-content/uploads/2020/12/ 5 KB
2 KB 120ms
116ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/h1.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4513e98a4c15a492fcbab0dbf9cf73a9e51328a7981c4a1821b626ea9edd6ec7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-14ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c14bb292ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 h3.svg
group-fs.com/wp-content/uploads/2020/12/ 3 KB
1 KB 57ms
53ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/h3.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e115aae75b41002d6431962134b5921a61e7809cc2a2e873ececb3a6b51db1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 85415
etag: W/"60f56b4f-dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c14bb592ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 h2.svg
group-fs.com/wp-content/uploads/2020/12/ 7 KB
3 KB 39ms
35ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/h2.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da06a1e134ad0933f83d122139a41835d5c1111306f95a5bc1539799ec352895

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 143785
etag: W/"60f56b4f-1d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c14bb792ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 direction.png
group-fs.com/wp-content/themes/fsg/pic/ 55 KB
55 KB 126ms
122ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/pic/direction.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c1034ac2941995053b1553d666ae31b1d6edfbe9a76c539113cb585b9d3562

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-da3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c14bba92ad-FRA
content-length: 55869
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 do.svg
group-fs.com/wp-content/themes/fsg/img/icons/ 6 KB
2 KB 110ms
106ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/do.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b56607bfc24e9e62e39b30a1ac95e869957820640bfb8d48728948eec34ca9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-1765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c14bbb92ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 pexels-cottonbro-5473957.jpg
group-fs.com/wp-content/uploads/2020/12/ 19 KB
19 KB 116ms
112ms Image
image/jpeg 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/pexels-cottonbro-5473957.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e540c098085891e96b7fc67b5764b4d1492173507bb7c27077e73b1a3f5fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c14bbf92ad-FRA
content-length: 18944
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 pexels-pixabay-209695-1.jpg
group-fs.com/wp-content/uploads/2021/01/ 8 KB
9 KB 34ms
31ms Image
image/jpeg 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/pexels-pixabay-209695-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3123af022a1815ea20af6f712e1ad983d2176a1162fb9d1df39627360c38e67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 85415
content-length: 8545
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-2161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
expires: Sun, 01 Feb 2032 11:34:31 GMT
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
cf-ray: 6d7b59c14bc092ad-FRA
cf-bgj: h2pri

GET
H2 200 pexels-pixabay-50987.jpg
group-fs.com/wp-content/uploads/2020/12/ 13 KB
13 KB 107ms
104ms Image
image/jpeg 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/pexels-pixabay-50987.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e781707a3af659487c1aa09d4f653b5e1e02730d595e1ad9819fe8d6e2b84039

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-345a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c15bc592ad-FRA
content-length: 13402
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 1-1.svg
group-fs.com/wp-content/uploads/2020/12/ 2 KB
907 B 116ms
113ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/1-1.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0212aa057693cc665e15ab5cf3bd1c7ee03a749ad893cbd9b96cd751112130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: W/"60f56b4f-69c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c15bc892ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 fs-mng.png
group-fs.com/wp-content/uploads/2021/01/ 4 KB
4 KB 111ms
108ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/fs-mng.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80db351b48a3365d1df324d0744f9c41a98db5466c7a4995c14638319a035a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c15bca92ad-FRA
content-length: 3764
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 osint-lab.png
group-fs.com/wp-content/uploads/2021/01/ 5 KB
5 KB 119ms
117ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/osint-lab.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b1bd1325d8f4004476b13e5d77c990c9ec256abcee45be4ea5831eb3816e79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-13c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c15bce92ad-FRA
content-length: 5065
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 fs-phishing.png
group-fs.com/wp-content/uploads/2021/01/ 5 KB
5 KB 112ms
110ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/fs-phishing.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63259aba979dddd102ba29a43d0303da3450c4675d9ea12b688751bb90417ea2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-1560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c15bd192ad-FRA
content-length: 5472
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 irt.png
group-fs.com/wp-content/uploads/2021/01/ 4 KB
5 KB 113ms
111ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/irt.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d3cac8808cb86cc07fd5bafbb8f411a00e1b831142efdbda647f3f8a080cac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-11e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c15bd392ad-FRA
content-length: 4579
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 array.png
group-fs.com/wp-content/themes/fsg/img/background/ 58 KB
58 KB 52ms
50ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/background/array.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b94c83f0f7f051caa62ecae9b36bc51816384235e4fe22cb46cc03253538b29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 85415
content-length: 59290
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-e79a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
cf-ray: 6d7b59c16c0492ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 skills-1-1.png
group-fs.com/wp-content/uploads/2021/01/ 877 B
1023 B 134ms
132ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/skills-1-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f089c2873e86ce3f234f85038f3bfa71e5551a941196a3ec6fc01a901a14d664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:32 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-36d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c16c0692ad-FRA
content-length: 877
expires: Sun, 01 Feb 2032 11:34:32 GMT

GET
H2 200 medal.png
group-fs.com/wp-content/uploads/2021/01/ 1 KB
1 KB 112ms
110ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/medal.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a452dbc3065d79a3bbaab8ca09ce418fccf9b1a349165c8b77165be2cdff92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-432"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c16c0792ad-FRA
content-length: 1074
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 configuration.png
group-fs.com/wp-content/uploads/2021/01/ 660 B
776 B 150ms
148ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2021/01/configuration.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

399d36f82f08de89f9d814bfd42dd9db623ee19881a7e3a767874585983679a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:32 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c16c0892ad-FRA
content-length: 660
expires: Sun, 01 Feb 2032 11:34:32 GMT

GET
H2 200 top_arrow.png
group-fs.com/wp-content/themes/fsg/img/icons/ 10 KB
10 KB 55ms
54ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/themes/fsg/img/icons/top_arrow.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af0bcbb76a8a54b85eb45bd48713a1026b05de27b1a2f159ef4e10e6156aae5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 85415
content-length: 9817
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-2659"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
cf-ray: 6d7b59c16c0a92ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 logo-footer.png
group-fs.com/wp-content/uploads/2020/12/ 8 KB
8 KB 121ms
120ms Image
image/png 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/logo-footer.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa4a12dd9bb3abf425f26cadbf71b2876a879877155cb77e8cd193efd75c463

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
etag: "60f56b4f-1f6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
accept-ranges: bytes
cf-ray: 6d7b59c16c0c92ad-FRA
content-length: 8046
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 fb.svg
group-fs.com/wp-content/uploads/2020/12/ 660 B
506 B 46ms
45ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/fb.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570b791cd8cb706cc7e5bbf3a7c31a4fb19037ef14eb834cfbe56af718443e83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 85415
etag: W/"60f56b4f-294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c16c0f92ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 tw.svg
group-fs.com/wp-content/uploads/2020/12/ 1 KB
831 B 67ms
66ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/tw.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89cbb8bdb78a4f134518004a8d3d71dac8cb16609e2a348b0c1a1f69ffc419e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 25218
etag: W/"60f56b4f-585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c16c1292ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

GET
H2 200 in.svg
group-fs.com/wp-content/uploads/2020/12/ 975 B
600 B 55ms
54ms Image
image/svg+xml 2606:4700::6810:1130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://group-fs.com/wp-content/uploads/2020/12/in.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a18fef97fc2f588a4d7c2da5cfd5419aab1247401d556be205bc9944117aadc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://group-fs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 12:08:47 GMT
server: cloudflare
age: 85415
etag: W/"60f56b4f-3cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self';
strict-transport-security: max-age=604800
cf-ray: 6d7b59c16c1492ad-FRA
expires: Sun, 01 Feb 2032 11:34:31 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:57:20	Name: _GRECAPTCHA Value: 09APj96hRNfRd6hjrapt6DyaWeQl4VwY3aW19FOUVqWw03Mb8LSX-vyHfwGK06ATkiIBkcHEZPZfBUCoe8jHOuVfI
.group-fs.com/	1970-01-20 18:09:20	Name: _ga Value: GA1.2.1976345566.1643888068
.group-fs.com/	1970-01-20 00:39:34	Name: _gid Value: GA1.2.146337819.1643888068
.group-fs.com/	1970-01-20 00:38:08	Name: _dc_gtm_UA-171275119-1 Value: 1
.adhigh.net/	1970-01-20 09:23:44	Name: gi_u Value: M7chO6wsaZP.AikABlF-v11FwQ
.adhigh.net/	1970-01-20 09:23:44	Name: adriver_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: weborama_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: appnexus_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: mediatoday_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: traffaret_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: qvnt_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: otm_video_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: aidata_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: buzzoola_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: goog_rub_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: amberdata_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: media_instinct_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: cleverdata_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: bsw_ug_sync_2 Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: btw_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: adspend_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: adlook_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: uma_cid_init_sync Value: j0v
.adhigh.net/	1970-01-20 09:23:44	Name: yandexssp_sync Value: j0v
.weborama.fr/	1970-01-20 10:09:48	Name: AFFICHE_W Value: 7QsSsadcy9-t82
.adnxs.com/	1970-01-20 02:47:44	Name: uuid2 Value: 4979466658808522916
sync.mediatoday.iae.one/	1969-12-31 23:59:59	Name: chk Value: 1
.iae.one/	1970-01-20 13:44:22	Name: pid Value: NGM1ODQ3YTNhYWMyYjFkOA
.doubleclick.net/	1970-01-20 09:59:44	Name: IDE Value: AHWqTUly9MyKRrbRXCJU1aAqmjm7LWSEt_ceusRDGvIGaL3MrUM7b0vlqCM-z4H5Kbk
.1dmp.io/	1970-01-20 09:23:44	Name: uid Value: 3f2cf190-84e5-11ec-ad67-f832e4719dd9
.yandex.ru/	1970-01-23 16:14:08	Name: yuidss Value: 6628491431643888068
.yandex.ru/	1970-01-23 16:14:08	Name: yandexuid Value: 6628491431643888068
.dmg.digitaltarget.ru/	1970-01-21 02:33:20	Name: viuserid Value: WUaCB7-nE0H3G4b7fpSV
.aidata.io/	1970-01-20 18:09:20	Name: __upin Value: WErHqo9DItkLKbiY2/lw4A
.aidata.io/	1970-01-20 18:09:20	Name: __upints Value: 1643888068
.whiteboxdigital.ru/	1970-01-20 18:08:38	Name: MiId Value: ccb69bd1-f269-4780-8ebd-17914a7e1f5e
.uma.media/	1970-02-13 21:09:31	Name: _uma_cid Value: oZfoAcS9-2Fkq_ONI3sC-w
.1dmp.io/	1970-01-20 00:38:08	Name: ru-seq Value: 5a6708a9-7d96-46f1-b264-b6dc4617f958\|https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=3f2cf190-84e5-11ec-ad67-f832e4719dd9&ru=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3201865%3Bpid%3D3f2cf190-84e5-11ec-ad67-f832e4719dd9
.adhigh.net/	1970-01-20 09:23:44	Name: uma_cid_store_sync Value: j0v
prodmp.ru/	1970-01-20 02:47:44	Name: rai Value: c5d96ba52e396354abca80d0fc2b6c41
.betweendigital.com/	1970-01-20 09:23:44	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:23:44	Name: tuuid Value: 73c614f7-b8ba-5322-81c8-4dfce033f038
.betweendigital.com/	1970-01-20 09:23:44	Name: ss Value: 1
.wi-fi.ru/	1970-01-20 09:23:44	Name: dmpuid Value: doc9JawXR7ijhWzLuzP-vg
.bidswitch.net/	1970-01-20 09:23:44	Name: tuuid Value: 02a7cdc2-80fe-4a01-8f6e-505b30fe5d76
.bidswitch.net/	1970-01-20 09:23:44	Name: c Value: 1643888068
.bidswitch.net/	1970-01-20 09:23:44	Name: tuuid_lu Value: 1643888068
.rutarget.ru/	1970-01-20 04:57:20	Name: userId Value: 19-REk07wfXA
.betweendigital.com/	1970-01-20 09:23:44	Name: ut Value: Yfu9xAAKKZDhgG5uiJYdBJRq2hAlrLspFwE4Xw==
.essitydmp.ru/	1970-01-20 18:08:38	Name: MiId Value: b9d85bbc-b8e4-4114-8ce3-220ac1fc3ac8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adlook.me
ads.betweendigital.com
an.yandex.ru
api.ipify.org
ce.lijit.com
cm.g.doubleclick.net
dmg.digitaltarget.ru
essitydmp.ru
exchange.buzzoola.com
fonts.gstatic.com
group-fs.com
id.uma.media
instreamvideo-sync.rutarget.ru
mediainstinct-sync.rutarget.ru
mitdmp.whiteboxdigital.ru
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
secure.adnxs.com
ssp.adriver.ru
stats.g.doubleclick.net
sync.1dmp.io
sync.dmp.otm-r.com
sync.mediatoday.iae.one
tms.dmp.wi-fi.ru
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x01.aidata.io
116.202.236.172
142.132.130.160
142.250.185.130
159.69.59.100
176.122.21.226
185.15.175.130
193.106.93.124
193.232.150.45
193.232.151.161
2606:4700::6810:1130
2a00:1450:4001:802::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a02:6b8::90
3.232.242.170
35.190.16.14
35.211.178.172
37.252.172.250
72.251.249.9
80.64.106.147
80.64.106.150
81.163.17.245
81.222.128.213
82.148.20.2
89.108.119.28
91.220.120.21
95.216.101.186
96.46.183.20
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0672af07034f1c05e98a425810cec2ecf354c7fef18590301a0dca4300e7b247
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0af0bcbb76a8a54b85eb45bd48713a1026b05de27b1a2f159ef4e10e6156aae5
0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21cf2fc8bed1710902f90a594579088d78a484f8d6d02b666f3b60ed99221635
221ee8bc64ab6762a177ef30dcc2110157e8221de058085c6624cebeefdb19f0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a18fef97fc2f588a4d7c2da5cfd5419aab1247401d556be205bc9944117aadc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e0212aa057693cc665e15ab5cf3bd1c7ee03a749ad893cbd9b96cd751112130
3263afbe6691b78101dfe92ffde5049513d10b89ee4945081b6e953fef6153ea
398fc8c208460b6feccaacea0bd330c2dd4c93c71af17298ced8578adb2e0f90
399d36f82f08de89f9d814bfd42dd9db623ee19881a7e3a767874585983679a6
3ae821332b2141308414524648b5586844ed652408275feed7c4ad71e7b91b10
3b2d1114a960c43692ad2909005aa641bc406fb1f6c5714bc2d2185b5c3b2129
3b94c83f0f7f051caa62ecae9b36bc51816384235e4fe22cb46cc03253538b29
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3dc9c2be4bad46bb814d9140a74058bfd0e742355b287ba5be2d5283df2d9ef2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8d07a19f3b1c5c251835e9fd28131ea91892f24db5f897e4ebdb0c97ced9b9
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4513e98a4c15a492fcbab0dbf9cf73a9e51328a7981c4a1821b626ea9edd6ec7
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570b791cd8cb706cc7e5bbf3a7c31a4fb19037ef14eb834cfbe56af718443e83
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63259aba979dddd102ba29a43d0303da3450c4675d9ea12b688751bb90417ea2
71d3cac8808cb86cc07fd5bafbb8f411a00e1b831142efdbda647f3f8a080cac
71e48f1f5bc8761a4c6e51322670c5f3db68a23612a7d24d11f42bf501fb8661
72e46fd5d17abc688a1c6f5d7a7a417e0c065435649da912220ea1d1688c5153
732cfac336118cd59d2b1a40b85d92abf901d6cd14db16de8b2064ba7ea624a9
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
7983d92d94ac1327a01aae67c2713fef1f541d59ce98cb3b7535b3a69beeb86f
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7fe6168a87576d63180b04a0ba72f816c50fb89ff565bf01fd362eb37cba7773
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89cbb8bdb78a4f134518004a8d3d71dac8cb16609e2a348b0c1a1f69ffc419e7
8dbadef768cb8dfe00c1c6c72152e0eab50126e1ec1bfa3e90a486dcd88eb500
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90a452dbc3065d79a3bbaab8ca09ce418fccf9b1a349165c8b77165be2cdff92
91a0098ef8c674c2fd774fa1822c9c8b796cc640b7c4427e864368ada4775cf2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98c1034ac2941995053b1553d666ae31b1d6edfbe9a76c539113cb585b9d3562
9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11
9c063f47934e04a1227c5cc07f35ea8b53191361a89f4f4b1b4035578cf78005
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a7e115aae75b41002d6431962134b5921a61e7809cc2a2e873ececb3a6b51db1
a8ac05287b7a59bf590e5b3f9b5c4936aad3883f7a0039425cd444184584ceec
aa2faf96a05508611583e6270219a9062369883119226b12e598e6355ba8e911
b1f382ed5d72cef34d27861a21b645da0e1eeacde63a7adf646c129d13ee2867
b751fe45a64a3d7307394186dac463a819c2b5554acefc23360d7f215a1a3465
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd88b37fc4154ece51aa5f32f99dc49a953095293a6782090cd073de18886d5d
bfab62196eb19987b3648aa51aa4f8f39a774e575a1474ddd0417e85ae36a1fc
c1e540c098085891e96b7fc67b5764b4d1492173507bb7c27077e73b1a3f5fb8
c4ae6761ac91196e73320597482170b0ba7da45a1fdd9352cb98f9a99fb3882f
ce84c7ecdbd5b581a278fe4f45914dc21999d6b5cac5984c476320a5ab37d838
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d67d96813245094cee07ec20801cd9841169c897bf01c0e845cebf82541546d5
da06a1e134ad0933f83d122139a41835d5c1111306f95a5bc1539799ec352895
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3123af022a1815ea20af6f712e1ad983d2176a1162fb9d1df39627360c38e67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e781707a3af659487c1aa09d4f653b5e1e02730d595e1ad9819fe8d6e2b84039
e80db351b48a3365d1df324d0744f9c41a98db5466c7a4995c14638319a035a3
ebdcbc31f234d9751250298a32eb0b10409346f3ed3e3e3a35f753bb016e9ceb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f089c2873e86ce3f234f85038f3bfa71e5551a941196a3ec6fc01a901a14d664
f0e22f386588bf2072b259a15b0c625c0fc1479b2d1fc88d4fd779d280cb56c6
f1b56607bfc24e9e62e39b30a1ac95e869957820640bfb8d48728948eec34ca9
f3031454aef7efb0a9726dac4c21204e04049776dd670f55f3f084ad6fedbe4e
f4936ba2c4b3b4ace0f6355ea8c53e64b2996f5d12aa1a2f91fb5b624da5cdd3
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f77d165c6567f0b1423f13bb947f747aa738cfc47b756e7a9e607704b89e2766
f98d1ae4d7949176f58e71462bb4510e1db689a7c64186f05bcebd10f0bddae3
f9b1bd1325d8f4004476b13e5d77c990c9ec256abcee45be4ea5831eb3816e79
ffa4a12dd9bb3abf425f26cadbf71b2876a879877155cb77e8cd193efd75c463

group-fs.com Open in urlscan Pro 2606:4700::6810:1130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

84 %HTTPS

28 %IPv6

29 Domains

32 Subdomains

21 IPs

6 Countries

1212 kBTransfer

2415 kBSize

50 Cookies

3 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

group-fs.com Open in urlscan Pro
2606:4700::6810:1130 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

84 %
HTTPS

28 %
IPv6

29
Domains

32
Subdomains

21
IPs

6
Countries

1212 kB
Transfer

2415 kB
Size

50
Cookies

103 HTTP transactions
0 data transactions