grouple.co Open in urlscan Pro
213.152.186.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://grouple.co/
Submission: On November 26 via api (November 26th 2021, 8:03:01 pm UTC) from GB — Scanned from NL

Summary HTTP 133 Redirects Links 134 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 35 domains to perform 133 HTTP transactions. The main IP is 213.152.186.44, located in Netherlands and belongs to GLOBALLAYER, NL. The main domain is grouple.co.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 18th 2021. Valid for: a year.

This is the only time grouple.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.152.186.44 213.152.186.44	49453 (GLOBALLAYER) (GLOBALLAYER)
18	195.201.114.28 195.201.114.28	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
13	138.201.157.161 138.201.157.161	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
1 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2 8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
1	159.69.72.5 159.69.72.5	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	193.232.148.140 193.232.148.140	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1 2	195.201.87.224 195.201.87.224	24940 (HETZNER-AS) (HETZNER-AS)
1	116.202.51.238 116.202.51.238	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2 20	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
1 1	212.11.155.166 212.11.155.166	8901 (Moscow Ma...) (Moscow Mayors Office)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
2 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	91.192.150.30 91.192.150.30	42481 (BEGUN-AS) (BEGUN-AS)
1 2	34.248.242.4 34.248.242.4	16509 (AMAZON-02) (AMAZON-02)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
2 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
133	37

1 213.152.186.44 (Netherlands)

ASN49453 (GLOBALLAYER, NL)

grouple.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 195.201.114.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.114.201.195.clients.your-server.de

resgr.rmr.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res.grouple.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 138.201.157.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.157.201.138.clients.your-server.de

staticgr.rmr.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.grouple.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

rj.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.72.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.72.69.159.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.140 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.87.224 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.224.87.201.195.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.51.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1397156.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.11.155.166 (Moscow, Russian Federation) 1 redirects

ASN8901 (Moscow Mayors Office, RU)

stats.mos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.133 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.242.4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-242-4.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.115 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	yandex.ru 3 redirects yandex.ru mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru ysa-static.passport.yandex.ru	277 KB
29	rmr.rocks resgr.rmr.rocks staticgr.rmr.rocks	856 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	11 KB
8	google.com 2 redirects adservice.google.com www.google.com	2 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	182 KB
7	google.nl adservice.google.nl www.google.nl	2 KB
7	revolvermaps.com rj.revolvermaps.com	51 KB
6	yastatic.net yastatic.net	204 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
4	googleadservices.com 2 redirects partner.googleadservices.com www.googleadservices.com	16 KB
3	upravel.com 3 redirects sync.upravel.com 3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com	2 KB
3	yandex.net avatars.mds.yandex.net	19 KB
3	criteo.net static.criteo.net	39 KB
3	grouple.co grouple.co static.grouple.co res.grouple.co	64 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	496 B
2	1dmp.io 2 redirects sync.1dmp.io	1019 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru yandex-sync.rutarget.ru	847 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	semantiqo.com 1 redirects sonar.semantiqo.com	976 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	849 B
2	adhigh.net 1 redirects px.adhigh.net	727 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru	386 B
1	hybrid.ai dm.hybrid.ai	238 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru	244 B
1	adriver.ru ssp.adriver.ru	201 B
1	yadro.ru 1 redirects counter.yadro.ru	332 B
1	mos.ru 1 redirects stats.mos.ru	182 B
1	sape.ru ssp-rtb.sape.ru	449 B
1	bidvol.com ssp.bidvol.com	2 KB
1	creativecdn.com adfox-c2s-ams.creativecdn.com	204 B
1	mail.ru ad.mail.ru	333 B
1	otm-r.com yhb.p.otm-r.com	249 B
1	digitalcaramel.com ads.digitalcaramel.com	972 B
133	35

	Domain	Requested by
20	an.yandex.ru	2 redirects yandex.ru
17	resgr.rmr.rocks	grouple.co resgr.rmr.rocks
14	mc.yandex.ru	1 redirects grouple.co mc.yandex.ru yastatic.net
12	staticgr.rmr.rocks	grouple.co
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.googleadservices.com
7	www.google.com	2 redirects tpc.googlesyndication.com
7	rj.revolvermaps.com	grouple.co rj.revolvermaps.com
6	www.google.nl
6	yastatic.net	yandex.ru yastatic.net grouple.co
6	pagead2.googlesyndication.com	grouple.co pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.googleadservices.com	2 redirects yastatic.net
3	avatars.mds.yandex.net
3	static.criteo.net	yandex.ru
3	yandex.ru	grouple.co yastatic.net
2	sync.upravel.com	2 redirects
2	dpm.demdex.net	1 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	sonar.semantiqo.com	1 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
2	exchange.buzzoola.com	1 redirects grouple.co
2	px.adhigh.net	1 redirects
2	matchid.adfox.yandex.ru	yandex.ru
1	3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	dm.hybrid.ai
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	ssp.adriver.ru
1	counter.yadro.ru	1 redirects
1	stats.mos.ru	1 redirects
1	ysa-static.passport.yandex.ru
1	mug.criteo.com
1	ssp-rtb.sape.ru	yandex.ru
1	ssp.bidvol.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	ad.mail.ru	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	res.grouple.co	grouple.co
1	static.grouple.co	grouple.co
1	ads.digitalcaramel.com	grouple.co
1	grouple.co
133	51

This site contains links to these domains. Also see Links.

Domain
readmanga.io
mintmanga.live
findanime.net
doramatv.live
librebook.me
selfmanga.live
selflib.me
mose.live
readmanga.live
selfmanga.ru
rumix.me
stats.uptimerobot.com

Subject Issuer	Validity	Valid
www.grouple.co Sectigo RSA Domain Validation Secure Server CA	`2021-06-18` - `2022-06-25`	a year	crt.sh
*.rmr.rocks Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
caramel.am R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
static.grouple.co R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
res.grouple.co R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.revolvermaps.com R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ssp.bidvol.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.sape.ru R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://grouple.co/
Frame ID: FBE86E106871FBF4353071590A4E7546
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: C430E72F7520CD006660A7FD694D3550
Requests: 1 HTTP requests in this frame

Frame: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Frame ID: 8F854A7FC30D613FBE8BDFFDF096A9F2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6485958324769063&output=html&adk=1812271804&adf=3025194257&lmt=1637956975&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgrouple.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637956975853&bpp=3&bdt=293&idt=114&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6170169058052&frm=20&pv=2&ga_vid=1393382370.1637956976&ga_sid=1637956976&ga_hid=1561228970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062938%2C31063735%2C31063738%2C31063792%2C31061690%2C31063182&oid=2&pvsid=4095356513465594&pem=312&tmod=1924613500&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129
Frame ID: F128545C9AA5126C8B5042909809BD6E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grouple.co
Frame ID: 810B66EC0C4989BCC5F726DDF7DFA2F9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6D0FAE8947B32402D4D5109FF817E8DD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9B056F99279F1049A279621FE19C85C
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 0913B86510B65F072FFB5C31168C76F8
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Читай мангу, смотри аниме и дораму не один! Пиши посты! Поделись с друзьями своими интересами GroupLe

Page Statistics

133
Requests

86 %
HTTPS

40 %
IPv6

35
Domains

51
Subdomains

37
IPs

7
Countries

1730 kB
Transfer

4164 kB
Size

40
Cookies

134 Outgoing links

These are links going to different origins than the main page.

URL: https://readmanga.io/
Title: Read Manga

Search URL Search Domain Scan URL

URL: https://mintmanga.live/
Title: Mint Manga

Search URL Search Domain Scan URL

URL: https://findanime.net/
Title: Find Anime

Search URL Search Domain Scan URL

URL: https://doramatv.live/
Title: Dorama TV

Search URL Search Domain Scan URL

URL: https://librebook.me/
Title: Libre Book

Search URL Search Domain Scan URL

URL: https://selfmanga.live/
Title: Self Manga

Search URL Search Domain Scan URL

URL: https://selflib.me/
Title: Self Lib

Search URL Search Domain Scan URL

URL: https://mose.live/
Title: MoSe

Search URL Search Domain Scan URL

URL: https://readmanga.live/
Title: Манга

Search URL Search Domain Scan URL

URL: https://selfmanga.live/u_vseh_ne_vse_doma
Title: У всех не все домаБез главНовое

Search URL Search Domain Scan URL

URL: https://selfmanga.live/u_vseh_ne_vse_doma/vol1/1
Title: 1 - 1 7я

Search URL Search Domain Scan URL

URL: https://doramatv.live/zamok_iz_peska_2021
Title: Замок из песка (2021)Обновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/zamok_iz_peska_2021/series2
Title: Серия 2

Search URL Search Domain Scan URL

URL: https://doramatv.live/melanholiia__2021_
Title: Меланхолия (2021)Обновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/melanholiia__2021_/series6
Title: Серия 6

Search URL Search Domain Scan URL

URL: https://doramatv.live/narisovano_s_liuboviu
Title: Нарисовано с любовьюОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/narisovano_s_liuboviu/series1
Title: Серия 1

Search URL Search Domain Scan URL

URL: https://doramatv.live/psiholog
Title: ПсихологОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/psiholog/series9
Title: Серия 9

Search URL Search Domain Scan URL

URL: https://doramatv.live/psiholog/series10
Title: Серия 10

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat
Title: Сказочная печать Выпуск завершенОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series101
Title: Серия 101

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series102
Title: Серия 102

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series103
Title: Серия 103

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series104
Title: Серия 104

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series105
Title: Серия 105

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series106
Title: Серия 106

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series107
Title: Серия 107

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series108
Title: Серия 108

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series109
Title: Серия 109

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series110
Title: Серия 110

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series111
Title: Серия 111

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series112
Title: Серия 112

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series113
Title: Серия 113

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series114
Title: Серия 114

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series115
Title: Серия 115

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series116
Title: Серия 116

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series117
Title: Серия 117

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series118
Title: Серия 118

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series119
Title: Серия 119

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series120
Title: Серия 120

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series121
Title: Серия 121

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series122
Title: Серия 122

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series123
Title: Серия 123

Search URL Search Domain Scan URL

URL: https://doramatv.live/skazochnaia_pechat/series124
Title: Серия 124

Search URL Search Domain Scan URL

URL: https://doramatv.live/krasivyi_paren_2021
Title: Красивый пареньОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/krasivyi_paren_2021/series2
Title: Серия 2

Search URL Search Domain Scan URL

URL: https://doramatv.live/inspektor_gu
Title: Инспектор ГуОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/inspektor_gu/series8
Title: Серия 8

Search URL Search Domain Scan URL

URL: https://doramatv.live/universalnaia_jena
Title: Универсальная женаОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/universalnaia_jena/series21
Title: Серия 21

Search URL Search Domain Scan URL

URL: https://doramatv.live/universalnaia_jena/series22
Title: Серия 22

Search URL Search Domain Scan URL

URL: https://readmanga.io/aire__A5238
Title: АйреОбновлено

Search URL Search Domain Scan URL

URL: https://readmanga.io/aire__A5238/vol1/23
Title: 1 - 23

Search URL Search Domain Scan URL

URL: https://doramatv.live/himera
Title: ХимераОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/himera/series8
Title: Серия 8

Search URL Search Domain Scan URL

URL: https://doramatv.live/serdcebienie_liubvi
Title: Сердцебиение любвиБез серийНовое

Search URL Search Domain Scan URL

URL: https://doramatv.live/serdcebienie_liubvi/series-1
Title: Трейлер

Search URL Search Domain Scan URL

URL: https://doramatv.live/eternal_love
Title: Три жизни, три мира: Десять миль персиковых цветков завершёнОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/eternal_love/series27
Title: Серия 27

Search URL Search Domain Scan URL

URL: https://doramatv.live/eternal_love/series28
Title: Серия 28

Search URL Search Domain Scan URL

URL: https://doramatv.live/eternal_love/series29
Title: Серия 29

Search URL Search Domain Scan URL

URL: https://doramatv.live/v_odin_obychnyi_den
Title: В один обычный деньОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/v_odin_obychnyi_den/series1
Title: Серия 1

Search URL Search Domain Scan URL

URL: https://doramatv.live/besstrashnyi_shepot
Title: Бесстрашный шёпот Выпуск завершенОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/besstrashnyi_shepot/series30
Title: Серия 30

Search URL Search Domain Scan URL

URL: https://findanime.net/kafe_iz_drugogo_mira_2
Title: Кафе из другого мира 2OnlineОбновлено

Search URL Search Domain Scan URL

URL: https://findanime.net/kafe_iz_drugogo_mira_2/series9
Title: Серия 9

Search URL Search Domain Scan URL

URL: https://doramatv.live/vozrojdenie_dlia_tebia
Title: Возрождение для тебяОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/vozrojdenie_dlia_tebia/series22
Title: Серия 22

Search URL Search Domain Scan URL

URL: https://doramatv.live/eto_liubov__huligan_i_devushka_s_beloi_trostiu
Title: Это любовь: Хулиган и девушка с белой тростьюОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/eto_liubov__huligan_i_devushka_s_beloi_trostiu/series6
Title: Серия 6

Search URL Search Domain Scan URL

URL: https://doramatv.live/krasnyi_manjet_rukava
Title: Красный манжет рукаваОбновлено

Search URL Search Domain Scan URL

URL: https://doramatv.live/krasnyi_manjet_rukava/series5
Title: Серия 5

Search URL Search Domain Scan URL

URL: https://readmanga.io/kogda_plachut_cikady__prikaz___glava_o_sojjenii_demonov
Title: Когда плачут цикады: Приказ — Глава о Сожжении ДемоновБез главНовое

Search URL Search Domain Scan URL

URL: https://readmanga.io/kogda_plachut_cikady__prikaz___glava_o_sojjenii_demonov/vol1/0
Title: 1 - 0 Пролог

Search URL Search Domain Scan URL

URL: https://librebook.me/avatar_korolia
Title: Аватар КороляOnlineОбновлено

Search URL Search Domain Scan URL

URL: https://librebook.me/avatar_korolia/vol0/0
Title: Полностью

Search URL Search Domain Scan URL

URL: https://readmanga.io/fazzi
Title: ФаззиОбновлено

Search URL Search Domain Scan URL

URL: https://readmanga.io/fazzi/vol3/134
Title: 3 - 134 Священный Камень Лемпо

Search URL Search Domain Scan URL

URL: https://selfmanga.ru/
Title: SelfManga

Search URL Search Domain Scan URL

URL: https://readmanga.io/ia_ne_zolushka
Title: Я не Золушка

Search URL Search Domain Scan URL

URL: https://readmanga.io/demon_obnimaet_po_nocham
Title: Демон обнимает по ночам

Search URL Search Domain Scan URL

URL: https://readmanga.io/u_menia_problema__potomu_chto_moi_muj_slishkom_mil
Title: У меня проблема, потому что мой муж слишком мил

Search URL Search Domain Scan URL

URL: https://readmanga.io/bessmyslenno_byt_priviazannoi_2021
Title: Бессмысленно быть привязанной

Search URL Search Domain Scan URL

URL: https://readmanga.io/vpered__kupim_schaste_za_dengi_
Title: Вперёд, купим счастье за деньги!

Search URL Search Domain Scan URL

URL: https://readmanga.io/nuritas__falshivaia_gercoginia
Title: Нуритас: фальшивая герцогиня

Search URL Search Domain Scan URL

URL: https://readmanga.io/ia_stala_jenoi_glavnogo_geroia
Title: Я стала женой главного героя

Search URL Search Domain Scan URL

URL: https://mintmanga.live/tebe_nravlius_ia__a_ne_moia_doch__
Title: Тебе нравлюсь я, а не моя дочь?!

Search URL Search Domain Scan URL

URL: https://mintmanga.live/posle_pererojdeniia_korol_demonov_vliubilsia_v_menia
Title: После перерождения Король Демонов влюбился в меня

Search URL Search Domain Scan URL

URL: https://mintmanga.live/sumasshedshaia_isporchennaia_zlodeika__milyi_seksualnyi_obekt___eto_sluga_
Title: Сумасшедшая испорченная злодейка: милый сексуальный объект — это слуга.

Search URL Search Domain Scan URL

URL: https://mintmanga.live/pojiratel_lji
Title: Пожиратель Лжи

Search URL Search Domain Scan URL

URL: https://mintmanga.live/vzrosloe_vremia
Title: Взрослое время

Search URL Search Domain Scan URL

URL: https://mintmanga.live/nenavid_menia
Title: Ненавидь меня

Search URL Search Domain Scan URL

URL: https://mintmanga.live/prosto_liubvi_nedostatochno_2020
Title: Просто любви недостаточно

Search URL Search Domain Scan URL

URL: https://selfmanga.live/graped
Title: Graped

Search URL Search Domain Scan URL

URL: https://selfmanga.live/moi_djun
Title: Мой Джун

Search URL Search Domain Scan URL

URL: https://selfmanga.live/zavtra_opiat_rano_vstavat_
Title: Завтра опять рано вставать!

Search URL Search Domain Scan URL

URL: https://selfmanga.live/basketbol_kagami
Title: Баскетбол Кагами

Search URL Search Domain Scan URL

URL: https://selfmanga.live/klub
Title: Клуб

Search URL Search Domain Scan URL

URL: https://selfmanga.live/my_zdes_drug_dlia_druga
Title: Мы здесь друг для друга

Search URL Search Domain Scan URL

URL: https://selfmanga.live/morskaia_pelena
Title: Морская пелена

Search URL Search Domain Scan URL

URL: https://findanime.net/vedmak__koshmar_volka_
Title: Ведьмак. Кошмар волка.

Search URL Search Domain Scan URL

URL: https://findanime.net/belaia_zmeia_2__zlokliucheniia_zelenoi_zmei
Title: Белая змея 2: Злоключения Зелёной змеи

Search URL Search Domain Scan URL

URL: https://findanime.net/ekzorcist__risuiuchii_noch
Title: Экзорцист, рисующий ночь

Search URL Search Domain Scan URL

URL: https://findanime.net/klinok__rassekaiuchii_demonov__beskonechnyi_poezd__tv_
Title: Клинок, рассекающий демонов: Бесконечный поезд [ТВ]

Search URL Search Domain Scan URL

URL: https://findanime.net/dota__krov_drakona
Title: DOTA: кровь дракона

Search URL Search Domain Scan URL

URL: https://findanime.net/raskolotaia_bitvoi_sineva_nebes__trehletnee_soglashenie
Title: Расколотая битвой синева небес: Трехлетнее соглашение

Search URL Search Domain Scan URL

URL: https://findanime.net/liga_legend__taina
Title: Лига легенд: Тайна

Search URL Search Domain Scan URL

URL: https://doramatv.live/molodoi_master_cinchen
Title: Молодой мастер Цинчэн

Search URL Search Domain Scan URL

URL: https://doramatv.live/pen
Title: Пэн

Search URL Search Domain Scan URL

URL: https://doramatv.live/kusachie_sestrichki
Title: Кусачие сестрички

Search URL Search Domain Scan URL

URL: https://doramatv.live/vliubitsia_v_uchenogo
Title: Влюбиться в учёного

Search URL Search Domain Scan URL

URL: https://doramatv.live/dvuhstoronnii_detektiv
Title: Двухсторонний детектив

Search URL Search Domain Scan URL

URL: https://doramatv.live/vzroslyi_stajer
Title: Взрослый стажёр

Search URL Search Domain Scan URL

URL: https://doramatv.live/aidol__perevorot
Title: Айдол: Переворот

Search URL Search Domain Scan URL

URL: https://librebook.me/jena___prevyshe_vsego
Title: Жена - превыше всего

Search URL Search Domain Scan URL

URL: https://librebook.me/sistema__spasi_sebia_sam__dlia_glavnogo_zlodeia
Title: Система «Спаси-Себя-Сам» для главного злодея

Search URL Search Domain Scan URL

URL: https://librebook.me/blagoslovenie_nebojitelei
Title: Благословение небожителей

Search URL Search Domain Scan URL

URL: https://librebook.me/docheri_drakona
Title: Дочери дракона

Search URL Search Domain Scan URL

URL: https://librebook.me/vozrojdenie_klana_fuiao
Title: Возрождение клана Фуяо

Search URL Search Domain Scan URL

URL: https://librebook.me/legkaia_ulybka_pokoriaet_mir
Title: Лёгкая улыбка покоряет мир

Search URL Search Domain Scan URL

URL: https://selflib.me/katori___velikii_mag
Title: Катори - великий маг

Search URL Search Domain Scan URL

URL: https://selflib.me/hichnyi_brak
Title: Хищный брак

Search URL Search Domain Scan URL

URL: https://selflib.me/iaponskie_svitki
Title: Японские свитки

Search URL Search Domain Scan URL

URL: https://rumix.me/
Title: RuMix

Search URL Search Domain Scan URL

URL: https://rumix.me/psy_toski
Title: Псы Тоски

Search URL Search Domain Scan URL

URL: https://rumix.me/diadenka_plohomu____nauchit
Title: Дяденька плохому •• научит

Search URL Search Domain Scan URL

URL: https://mose.live/postuchis_v_moiu_dver__2_i_sezon
Title: Постучись в мою дверь, 2-й сезон

Search URL Search Domain Scan URL

URL: https://mose.live/bumajnyi_dom__2_i_sezon
Title: Бумажный дом, 2-й сезон

Search URL Search Domain Scan URL

URL: https://mose.live/liucifer__6_i_sezon
Title: Люцифер, 6-й сезон

Search URL Search Domain Scan URL

URL: https://mose.live/bumajnyi_dom__3_i_sezon
Title: Бумажный дом, 3-й сезон

Search URL Search Domain Scan URL

URL: https://mose.live/mujchina_v_oranjevoi_rubashke
Title: Мужчина в оранжевой рубашке

Search URL Search Domain Scan URL

URL: https://stats.uptimerobot.com/ywB8Zhq40
Title: Статус сайтов

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 53

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 63

https://mc.yandex.ru/watch/20813500?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A60127650195%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956976%3Ac%3A1%3Arn%3A279086563%3Arqn%3A1%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637956975435%3Ads%3A11%2C30%2C79%2C2%2C0%2C0%2C%2C219%2C19%2C%2C%2C%2C344%3Adsn%3A11%2C30%2C79%2C2%2C%2C0%2C%2C221%2C19%2C%2C%2C%2C344%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637956976%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD!%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B!%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.ru/watch/20813500/1?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A60127650195%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956976%3Ac%3A1%3Arn%3A279086563%3Arqn%3A1%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637956975435%3Ads%3A11%2C30%2C79%2C2%2C0%2C0%2C%2C219%2C19%2C%2C%2C%2C344%3Adsn%3A11%2C30%2C79%2C2%2C%2C0%2C%2C221%2C19%2C%2C%2C%2C344%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637956976%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD%21%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B%21%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr%2814%29ti%282%29

Request Chain 75

https://gum.criteo.com/sid/json?origin=publishertag&domain=grouple.co&sn=ChromeSyncframe&so=0&topUrl=grouple.co&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XGw3nXxSYTZteHF3SkoxdTNkMUVlWXZ2amc4MVM4QlZmb292RmZ6Q2ZWUnlweXVLWFlmSkcyL1JOdGRleWZNVkxEbDBlMnR0b3hHUnpTak0xVHhhYXRwM3pQd01Ca2FVSVlzakUveGFlUXRlc3lRd0RnemRwalk2ZENkVnFCTC82LzhndXdwcTY4Yys5ZlorRzBWd0dIT3RHTmN4MFRraFlNY3hGNTY3dG9GNUhsQjV5V2dET0M4UkNKSmlweUxrUmRsSnpiNHk4NWFiNUdqWjBhUG1oclFjR1E2UTVLT0cyMmpML1lId2J6ZHBNNDAwZ1E3M1hZSGhTM2tvN1ZabHRFOTBQWVFFaWNaMHFQQTRuNWx2TnJkUUV5QT09fA&cppv=2

Request Chain 91

https://stats.mos.ru/gc/ynd/ HTTP 302
https://an.yandex.ru/mapuid/ditmsk/?time=1637956976.894

Request Chain 92

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=2eed42e20f3e45ddb68b304783b1e991 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2eed42e20f3e45ddb68b304783b1e991

Request Chain 94

https://an.yandex.ru/mapuid/google/ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3201A179BAB9D0AF&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 95

https://dmg.digitaltarget.ru/1/119/i/i?i=1637956976 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1637956976 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/7JQV95mrx4wnnAx7f3no

Request Chain 96

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/__RrnvWYtZ8V?sign=3059080123

Request Chain 97

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/RZpq2FkXrkBe

Request Chain 98

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/ChotSVBLX%2Fyz1xmrrhVlHg?sign=3028070365

Request Chain 99

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/d9219940-4ef3-11ec-ad67-f832e4719dd9?sign=1808195833

Request Chain 100

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1866963320 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/gNpTAqWvAPa4aYQUuBs1f.

Request Chain 101

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 102

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=4A413FEFBA8055C6 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=4A413FEFBA8055C6

Request Chain 104

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/1f41d201141ffa3191ed702f28079af2582a8aa16a43f680d68f25491e08eafa

Request Chain 105

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/3569c87c-e4fd-4a7d-9d1c-7478080c2102

Request Chain 114

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cj2hYZW6M8fFx_APwK6e4Ag&random=1580687951&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122&ipr=y

Request Chain 115

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cj2hYZe6M-3Zx_AP4rmGoA0&random=1452458676&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262&ipr=y

133 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request / Show response
grouple.co/ 81 KB
19 KB 121ms
79ms Document
text/html 213.152.186.44
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://grouple.co/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

213.152.186.44 , Netherlands, ASN49453 (GLOBALLAYER, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3437a0d02c8361e13cf2763cead0fe09ec4418ff584ad91eda4aad3fada5727a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Language: nl-NL
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Encoding: gzip
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK application-b9e99130f2af755355fe19bbffc44097.css
resgr.rmr.rocks/static/ 328 KB
83 KB 92ms
31ms Stylesheet
text/css 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 7ae35521305205c6eda8e58426e4fb6b166723b818e4f5432b77309ac5012202

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: W/"615b0831-51f4e"
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: https://grouple.co
Cache-Control: max-age=4320000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK application-31b839c91a7974699d82e6216228e1d6.js Show response
resgr.rmr.rocks/static/ 171 KB
73 KB 102ms
41ms Script
application/javascript 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resgr.rmr.rocks/static/application-31b839c91a7974699d82e6216228e1d6.js
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: a3753238ae5b3e6fa0b48a3784e51d250126decdb72723a8f1762f7844ab7c36

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: W/"615b0831-2ad22"
Transfer-Encoding: chunked
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: https://grouple.co
Cache-Control: max-age=4320000
Connection: keep-alive
Content-Type: application/javascript
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 167 KB
45 KB 183ms
75ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

612cb4d1579e21f7fb4a9a3d4fe70e86a62f25f812bae8b9c1cad2aa3f2141c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 3072915944
x-yandex-req-id: 1637956975829983-970402958594718372-man1-2831-67b-man-l7-balancer-8080-BAL-970
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 26 Nov 2021 21:02:55 GMT

GET
H2 200 grouple.co.js Show response
ads.digitalcaramel.com/js/ 4 KB
972 B 93ms
24ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/grouple.co.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

3476eb702ea3a20fda408a3c5cee93b40074fa99eb6a7eea2267701e8e050da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 05:43:27 GMT
server: nginx
etag: W/"610ccbff-e54"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 303 KB
82 KB 175ms
76ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

73258e5985a6c36570b2ff5708dae50b54620bd76b62d3d1245d6bc05c39ec7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 2328399777
x-yandex-req-id: 1637956975830308-4304348712601532215-man1-2831-67b-man-l7-balancer-8080-BAL-5923
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 26 Nov 2021 21:02:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 105ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96eda817305eaac17cfaa10bb8c7fb1f18e713485fcaede1ad96346fc68e8e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51218
x-xss-protection: 0
server: cafe
etag: 262803250822467990
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 20:02:55 GMT

GET
H/1.1 200
OK logo-c39664da2d6ae0502fcaeae8ba935e6d.png
resgr.rmr.rocks/static/ 4 KB
5 KB 23ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/logo-c39664da2d6ae0502fcaeae8ba935e6d.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 1bd6411f68b832aaea1178776f2242ec3b466e3a403cfe934ab133c7a1635d23

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-11b8"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4536
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK logo_m-30d9a64a148a65c1f30aa8e4ca29cc37.png
resgr.rmr.rocks/static/ 2 KB
2 KB 62ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/logo_m-30d9a64a148a65c1f30aa8e4ca29cc37.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 50557e846f915fe618b63dd4951b310b7102cd71dd19677ecc6c1b3739184a3b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-837"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2103
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK 078_p.jpg
staticgr.rmr.rocks/uploads/pics/13/22/ 27 KB
27 KB 105ms
35ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/22/078_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: d92f39864a371feff4a758479313437fcdaa61a2da70f958ef52b4299d27556c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 26 Nov 2021 17:05:00 GMT
Server: nginx/1.16.1
ETag: "61a113bc-6c69"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27753
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 993_p.jpg
staticgr.rmr.rocks/uploads/pics/13/21/ 61 KB
62 KB 109ms
35ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/21/993_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 547cd1e6e291046df9ca628fd34dbd78811e45598f87cdd8d6b2f0469a30809b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 26 Nov 2021 14:04:27 GMT
Server: nginx/1.16.1
ETag: "61a0e96b-f549"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62793
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 019_p.jpg
staticgr.rmr.rocks/uploads/pics/13/21/ 42 KB
42 KB 127ms
35ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/21/019_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 1c9e171107f0e88f256a7c7b686701435edfdd377b6738538d67c01fa6e1a51f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Tue, 23 Nov 2021 08:41:39 GMT
Server: nginx/1.16.1
ETag: "619ca943-a870"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43120
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 439_p.jpg
staticgr.rmr.rocks/uploads/pics/13/18/ 35 KB
36 KB 128ms
35ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/18/439_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 9e3d9aac8a31326e8305fdd83df8eb5b418f25a69bd0b462cc899a1a51a7b819

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 15 Nov 2021 11:33:51 GMT
Server: nginx/1.16.1
ETag: "6192459f-8cec"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36076
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 671_p.jpg
staticgr.rmr.rocks/uploads/pics/13/19/ 21 KB
22 KB 125ms
35ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/19/671_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 5c378e6b40b62362b330364a4ecc41344758358c88fe94f8d1b7cf9451871659

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 19 Nov 2021 06:22:42 GMT
Server: nginx/1.16.1
ETag: "619742b2-54ad"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21677
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 817_p.jpg
staticgr.rmr.rocks/uploads/pics/13/19/ 33 KB
33 KB 54ms
38ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/13/19/817_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 88fe79a8f7f34261047787e153b4288302a0d3d70081018f7bf20193f5a9bea7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 19 Nov 2021 16:57:11 GMT
Server: nginx/1.16.1
ETag: "6197d767-839d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33693
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 735_p.jpg
staticgr.rmr.rocks/uploads/pics/market/13/11/ 6 KB
7 KB 25ms
24ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/market/13/11/735_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 35558515a040d0868925a206fb5e385b5fb1572d51b36f6a4cbc0b049b5528ae

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 29 Oct 2021 12:07:23 GMT
Server: nginx/1.16.1
ETag: "617be3fb-1961"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6497
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 065_p.jpg
staticgr.rmr.rocks/uploads/pics/market/13/05/ 15 KB
15 KB 25ms
25ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/market/13/05/065_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: d0f3a345b4d4146c94841af8f7b9afffa5a4aca2a1f38c6ea88f1c337245c323

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Wed, 13 Oct 2021 17:36:40 GMT
Server: nginx/1.16.1
ETag: "61671928-3bc0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15296
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 210_p.jpg
staticgr.rmr.rocks/uploads/pics/market/13/02/ 8 KB
8 KB 24ms
23ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/market/13/02/210_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 8c8ef78717039d75451e95fb080bd35a4989c279f6fcc16a8dba84d68c4c9a15

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Sat, 02 Oct 2021 13:23:45 GMT
Server: nginx/1.16.1
ETag: "61585d61-2078"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8312
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 075_p.jpg
staticgr.rmr.rocks/uploads/pics/market/12/98/ 9 KB
9 KB 25ms
24ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/market/12/98/075_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: c87bda545eac48797860090376889d183a08375e241b5a51df64eb057edcd679

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Tue, 14 Sep 2021 16:47:10 GMT
Server: nginx/1.16.1
ETag: "6140d20e-22f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8950
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 144_o.png
static.grouple.co/uploads/pics/13/01/ 40 KB
41 KB 101ms
35ms Image
image/png 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.grouple.co/uploads/pics/13/01/144_o.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 91a143c3093ec6151278c58ae618ed7eeb19403ceb9757c6e27fe15639261d57

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 27 Sep 2021 14:05:00 GMT
Server: nginx/1.16.1
ETag: "6151cf8c-a11d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41245
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 08-9c42591996530c5d6d4483d741b1dc01.png
resgr.rmr.rocks/static/mascot/ 80 KB
81 KB 33ms
33ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/mascot/08-9c42591996530c5d6d4483d741b1dc01.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 485f52d4200d8a826306421ad0e593f2b8edc47a5165987a12f9c252a8ea473d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-1413a"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 82234
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK 814_p.jpg
staticgr.rmr.rocks/uploads/pics/04/07/ 1 KB
2 KB 38ms
23ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/04/07/814_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 87707e5c46ec3d7ddd07e9dee8401f0cc34cebe4af77871a17ea1c2d0a7ae2fb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Tue, 10 Apr 2018 03:35:37 GMT
Server: nginx/1.16.1
ETag: "5acc3109-5dd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1501
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK BRONZE.3-615300d7c2005eb943f998cdcf46fe93.png
resgr.rmr.rocks/static/medals/ 14 KB
14 KB 23ms
22ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/medals/BRONZE.3-615300d7c2005eb943f998cdcf46fe93.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 5eea4732bfc6b64c8eac60743d15001c3dd4672b8ba9aaee6b5de6817f222035

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-370e"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 14094
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK 702_p.jpg
staticgr.rmr.rocks/uploads/pics/12/83/ 2 KB
2 KB 39ms
23ms Image
image/jpeg 138.201.157.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticgr.rmr.rocks/uploads/pics/12/83/702_p.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.157.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.157.201.138.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 5d2980caa97dde3170f5a160715e21c83b055ba05ca97953fc9ff1c0c6690074

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Tue, 20 Jul 2021 14:55:49 GMT
Server: nginx/1.16.1
ETag: "60f6e3f5-6b5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1717
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK no_avatar_small.png
res.grouple.co/static/ 3 KB
4 KB 87ms
22ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.grouple.co/static/no_avatar_small.png
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: dca0cb9d2ab7325de806281f394ab80fb7eddd11fcf2e39c46753f4085fc30e4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Wed, 10 Apr 2019 21:56:12 GMT
Server: nginx/1.16.1
ETag: "5cae667c-d56"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3414
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK 4.js Show response
rj.revolvermaps.com/0/0/ 2 KB
1 KB 76ms
20ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rj.revolvermaps.com/0/0/4.js?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: b98ba3cb2615785d15233cb2ca3038193fe4e841578724ac227b2007590e4eeb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Oct 2015 14:33:41 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 822

GET
H/1.1 200
OK application_deferred-e8d7233ee938514b2c03b1ecf154e724.js Show response
resgr.rmr.rocks/static/ 413 KB
143 KB 34ms
34ms Script
application/javascript 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resgr.rmr.rocks/static/application_deferred-e8d7233ee938514b2c03b1ecf154e724.js
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 46aa19321717d6d757b0dba70a3c940146d933117104306e2d0b8b1ca2275300

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 13:57:06 GMT
Server: nginx/1.16.1
ETag: W/"615b0832-67581"
Transfer-Encoding: chunked
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: https://grouple.co
Cache-Control: max-age=4320000
Connection: keep-alive
Content-Type: application/javascript
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK page_header_bg-dcdb07ebf28c1fe051dad694789ada66.png
resgr.rmr.rocks/static/ 561 B
979 B 33ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/page_header_bg-dcdb07ebf28c1fe051dad694789ada66.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 06fa80506c6fbcea127ce113bd1180beb1eb25f0fa6ddf8d703ac3b7396cff53

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-231"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 561
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK fa-regular-400-3e332211899360ab9380df4d50e1c33a.woff2
resgr.rmr.rocks/static/webfonts/ 169 KB
169 KB 79ms
31ms Font
application/octet-stream 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resgr.rmr.rocks/static/webfonts/fa-regular-400-3e332211899360ab9380df4d50e1c33a.woff2
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Request headers

Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Origin: https://grouple.co
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 13:57:06 GMT
Server: nginx/1.16.1
ETag: W/"615b0832-2a4a4"
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: https://grouple.co
Cache-Control: max-age=4320000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/plain
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK self_t-76756907a51a17a69da0392f7bf0da1f.png
resgr.rmr.rocks/static/icons/ 1 KB
1 KB 33ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/self_t-76756907a51a17a69da0392f7bf0da1f.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 3b8daa6b3e267461ed419cb794a09eadaaa239c5ca436e1b09fd998aa6e49c58

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-414"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1044
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK picture-aada5a4ad6cb09a3788f8a8ede527848.png
resgr.rmr.rocks/static/ 452 B
870 B 31ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/picture-aada5a4ad6cb09a3788f8a8ede527848.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: e8347776c26f31a4fc9620eb0b1e2b75b7be24691b3d92eea3dbe148ce1d68cf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-1c4"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 452
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK dorama_t-c3bfbed94ac1a0bf69b315523cb3469e.png
resgr.rmr.rocks/static/icons/ 1 KB
2 KB 22ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/dorama_t-c3bfbed94ac1a0bf69b315523cb3469e.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 83940dd8ef37c86ef168b30d2304b1be2032fb96d22e59389e39fdc9fef1cbac

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-4e9"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1257
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK adult_t-7caa3a557aeb07bbab631dac07b53610.png
resgr.rmr.rocks/static/icons/ 1 KB
2 KB 29ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/adult_t-7caa3a557aeb07bbab631dac07b53610.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 6990373e2eb29837feec05813a7c9a551a3ce69d4329eebfc00cc165e2ee9658

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-472"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1138
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK manga_t-74f7e8fec394324bbb01c6ec99bd4701.png
resgr.rmr.rocks/static/icons/ 1 KB
2 KB 21ms
20ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/manga_t-74f7e8fec394324bbb01c6ec99bd4701.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 94b471e880d0490427f9590ea60a3ff889f166ba3a6a80952c72835c5c857895

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:06 GMT
Server: nginx/1.16.1
ETag: "615b0832-540"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1344
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK anime_t-882ccc8814e2fc16b1f4bce2bbb703bb.png
resgr.rmr.rocks/static/icons/ 2 KB
2 KB 21ms
21ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/anime_t-882ccc8814e2fc16b1f4bce2bbb703bb.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 009a95ba677c88d78d95b3a9ce0547747d051a2f7c0b95b259488870a34adec8

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:05 GMT
Server: nginx/1.16.1
ETag: "615b0831-773"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1907
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK book_t-e55c4bfef7cdb530a69da11ae9f6a40e.png
resgr.rmr.rocks/static/icons/ 916 B
1 KB 25ms
24ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/icons/book_t-e55c4bfef7cdb530a69da11ae9f6a40e.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 02fd426c86e86248a5d1c99cea5bf5b38374999969e2ae593ff4b8627de6c95e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:06 GMT
Server: nginx/1.16.1
ETag: "615b0832-394"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 916
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H/1.1 200
OK shadow-line-3cd085ff48ad6f1a2a1f302c855712f2.png
resgr.rmr.rocks/static/ 8 KB
9 KB 25ms
25ms Image
image/png 195.201.114.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgr.rmr.rocks/static/shadow-line-3cd085ff48ad6f1a2a1f302c855712f2.png
Requested by: Host: resgr.rmr.rocks
URL: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.114.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.114.201.195.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 17bd3eef9898dcc64df0fe76184b605eedf87d4f6ace985de6aa7171614427a1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://resgr.rmr.rocks/static/application-b9e99130f2af755355fe19bbffc44097.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Mon, 04 Oct 2021 13:57:06 GMT
Server: nginx/1.16.1
ETag: "615b0832-217a"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=4320000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8570
Expires: Sat, 15 Jan 2022 20:02:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 204ms
89ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

66f5ad12b678679a1b9ea08d55d40e65640bbedf632bfb8299780d77ad18598a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:55 GMT
content-encoding: br
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-1019b"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65947
expires: Fri, 26 Nov 2021 21:02:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6485958324769063&plah=grouple.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8efb24dd4f3e97a19a8f2a3efe606c52fb1f9275acdc99ea55800aa0d788026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99573
x-xss-protection: 0
server: cafe
etag: 12550843045250099035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 20:02:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame C430 11 KB
5 KB 74ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 09:43:00 GMT
expires: Fri, 10 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 37195
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK c.php
rj.revolvermaps.com/js/ 43 B
289 B 30ms
30ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rj.revolvermaps.com/js/c.php?i=9l09okee274
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Last-Modified: Fri, 26 Nov 2021 20:02:55 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43

GET
H/1.1 200
OK r.php
rj.revolvermaps.com/js/ 43 B
215 B 52ms
21ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rj.revolvermaps.com/js/r.php?i=9l09okee274&l=https%3A%2F%2Fgrouple.co%2F&r=1637956975884
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=98
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK f.php Show response
rj.revolvermaps.com/5/ Frame 8F85 5 KB
3 KB 27ms
20ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Requested by: Host: rj.revolvermaps.com
URL: https://rj.revolvermaps.com/0/0/4.js?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: cf64184733e080faedbd7e7d2ecd92fb772b83c7e83c384c98430d3087038036

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

Date: Fri, 26 Nov 2021 20:02:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=290304000
Content-Length: 2864
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
636 B 76ms
28ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=grouple.co&callback=_gfp_s_&client=ca-pub-6485958324769063

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6485958324769063&plah=grouple.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3679dfe2660d617de85eb77594134b2157bd98218f0895ec81d4fa943dbd5906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 124ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=grouple.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grouple.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F128 603 B
67 B 79ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6485958324769063&output=html&adk=1812271804&adf=3025194257&lmt=1637956975&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgrouple.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637956975853&bpp=3&bdt=293&idt=114&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6170169058052&frm=20&pv=2&ga_vid=1393382370.1637956976&ga_sid=1637956976&ga_hid=1561228970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062938%2C31063735%2C31063738%2C31063792%2C31061690%2C31063182&oid=2&pvsid=4095356513465594&pem=312&tmod=1924613500&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 20:02:56 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 289ms
60ms Preflight 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://grouple.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Fri, 26 Nov 2021 20:02:56 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://grouple.co
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 240 B
423 B 187ms
65ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f3d63651f8f4e94c0075f68b3b2166753b88ea1f7559e0584d528f696b1576e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://grouple.co
date: Fri, 26 Nov 2021 20:02:56 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 240
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
249 B 92ms
23ms XHR
text/plain 159.69.72.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.72.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.72.69.159.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://grouple.co
date: Fri, 26 Nov 2021 20:02:56 GMT
access-control-allow-credentials: true
server: nginx/1.17.0
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
333 B 199ms
68ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://grouple.co
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
204 B 49ms
13ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://grouple.co
date: Fri, 26 Nov 2021 20:02:56 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
313 B

56ms
56ms

XHR
application/json

193.232.148.140
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Protocol: H2
Server: 193.232.148.140 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp1.sender.ltmse.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
server: nginx
x-backend-id: f1-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://grouple.co
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:55 GMT
server: nginx
access-control-allow-origin: https://grouple.co
x-backend-id: f1-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 4 KB
2 KB 219ms
98ms XHR
application/json 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 55acfeac9aacc1bd94290b8e938858ba566f5fe36ce58b8803d3aa109ccf40cb

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grouple.co
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 06001e77-0c8b-4e6e-89d2-87b730593c46
expires: 0

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
314 B

67ms
66ms

XHR
text/plain

195.201.87.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: H2
Server: 195.201.87.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.87.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://grouple.co
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Fri, 26 Nov 2021 20:02:56 GMT
server: nginx
access-control-allow-origin: https://grouple.co
etag: W/"faa8437599912ccd49e6d6d7de5af5ed9c70d0fa28286ed91b69017a35c36d75"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 200
OK adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
449 B 128ms
67ms XHR
application/json 116.202.51.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.51.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1397156.sapientru.net
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: openresty
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://grouple.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 11

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 55ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:13 GMT
server: nginx
etag: W/"618cb9a1-1d4ec"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Nov 2021 20:02:56 GMT

GET
DATA 200
OK truncated
/ Frame 8F85 786 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 5.jpg
rj.revolvermaps.com/d/m/512/ Frame 8F85 38 KB
38 KB 20ms
20ms Image
image/jpeg 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rj.revolvermaps.com/d/m/512/5.jpg
Requested by: Host: grouple.co
URL: https://grouple.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7c964ca4714d81d634b96f2653e322ddeca3efb12821e02cb9470d82ea94e7e9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Last-Modified: Sun, 20 Feb 2011 15:36:38 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=99
Content-Length: 38583

GET
H2 200 28cbefab76110c2a4a12.js Show response
yastatic.net/partner-code-bundles/49546/ 13 KB
5 KB 53ms
13ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/49546/28cbefab76110c2a4a12.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

092ba8d8406046d9dc03399304b164b3724bf0fed7446fbd5507d1b371bef431

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://grouple.co/
Origin: https://grouple.co
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4458
last-modified: Fri, 26 Nov 2021 16:05:06 GMT
server: nginx/1.17.9
etag: "7d189b42eb2ef1b66a26a19e2d3bc7b3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2051 02:36:59 GMT

GET
H2 200 9ef9b4841edfb319b17f.js Show response
yastatic.net/partner-code-bundles/49546/ 80 KB
17 KB 63ms
24ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/49546/9ef9b4841edfb319b17f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1e9790770f2761e989f338be8cd2560a696a4b3f0013219e91f357546eaf668

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://grouple.co/
Origin: https://grouple.co
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17100
last-modified: Fri, 26 Nov 2021 16:05:06 GMT
server: nginx/1.17.9
etag: "82f3bdea8e3f5c5b1ff21133cae1c99f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2051 02:37:05 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 81ms
42ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://grouple.co/
Origin: https://grouple.co
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2051 02:36:19 GMT

GET
H2 200 260558 Show response
an.yandex.ru/meta/ 124 KB
33 KB 515ms
394ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/260558?target-ref=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&pcode-test-ids=462894%2C0%2C5%3B461970%2C0%2C11%3B463068%2C0%2C57%3B426972%2C0%2C29%3B463034%2C0%2C51%3B460722%2C0%2C22%3B452124%2C0%2C10%3B461560%2C0%2C42%3B462727%2C0%2C70%3B463187%2C0%2C29%3B457740%2C0%2C64%3B462338%2C0%2C12%3B457667%2C0%2C51%3B457473%2C0%2C80%3B400734%2C0%2C75%3B451371%2C0%2C49%3B456499%2C0%2C33%3B204301%2C0%2C70%3B&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22462894%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22461970%22%2C%22testId%22%3A%22461970%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%5D%2C%22testId%22%3A%22426972%22%7D%5D%2C%22HORIZONTAL_SD_NO_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463034%22%7D%5D%2C%22HORIZONTAL_SD_NO_BIG_TITLE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463034%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22lead%22%2C%22testId%22%3A%22463034%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22460723%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452124%22%7D%5D%2C%22COMBO_INPAGE_HEADER_HIDDEN_TILL_START%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461560%22%7D%5D%2C%22COMBO_INPAGE_CONTINUE_PLAY%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461560%22%7D%5D%2C%22COMBO_WIDGET_SSR_REHYDRATION_ENABLED%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22461560%22%7D%5D%2C%22ADFOX_COMBO_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461560%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22ADAPTIVE_SQUARE_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463187%22%7D%5D%2C%22ADAPTIVE_ROUND_BUTTON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22463187%22%7D%5D%2C%22POSTER_DISABLE_BUTTON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22463187%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457740%22%7D%5D%2C%22SMART_BANNER_VERSION%22%3A%5B%7B%22value%22%3A%22smart-banner-adaptive_v3%22%2C%22testId%22%3A%22462338%22%7D%5D%2C%22REMOVE_DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457667%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457473%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22456499%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22456499%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=RLh7gXarjlHrW7SaTQJcPJyHbEBDg36XhnDUYUj9rWAITwBfiRSwS0VRQ2Y7ec0ErS8jaca0RZ3orL%2B0q2tz0j1ZFZE%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=216655330279426&ad-session-id=9470471637956976026&target-id=49041146&tga-with-creatives=1&pcode-version=49546&pcodever=49546&flash-ver=0&available-width=1140&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A1140%2C%22h%22%3A120%2C%22width%22%3A1140%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A230%2C%22top%22%3A82%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1272&grab=dNCn0LjRgtCw0Lkg0LzQsNC90LPRgywg0YHQvNC-0YLRgNC4INCw0L3QuNC80LUg0Lgg0LTQvtGA0LDQvNGDINC90LUg0L7QtNC40L0hINCf0LjRiNC4INC_0L7RgdGC0YshINCf0L7QtNC10LvQuNGB0Ywg0YEg0LTRgNGD0LfRjNGP0LzQuCDRgdCy0L7QuNC80Lgg0LjQvdGC0LXRgNC10YHQsNC80LggR3JvdXBMZQox0KHQtdGA0LLQuNGBINC30LDQutC70LDQtNC-0Log0Lgg0LHQu9C-0LPQvtCyIAozINCT0L7RgNGP0YfQuNC1INC_0L7RgdGC0Ysg0J_QvtGB0LvQtdC00L3QuNC1INC_0L7RgdGC0Ysg0JLQsNGIINCx0LvQvtCzINCU0L7QsdCw0LLQuNGC0Ywg0L_QvtGB0YIgCjMg0JzQvtC5INC70LXRgSAKMyDQn9C-0LvRg9GH0LXQvdC40LUg0LTQvtGB0YLRg9C_0LAg0Log0YHQsNC50YLRgyDRgSDQv9C-0LzQvtGJ0YzRjiBVc2VyIEFnZW50IAozIDIzINC90L7Rj9Cx0YDRjyAyMDIxOiDQotGD0L_QuNC6INC40LvQuCDRg9C00LDRh9CwPyEg0J_QtdGA0LjQvtC0IMKr0JTQvtGA0L7Qs9C4INGD0LTQsNGH0LjCuyAKMyDQlNC90LXQstC90LjQuiDRhNCw0L3QsNGC0LAgIlc6INCc0LXQtiDQtNCy0YPRhSDQvNC40YDQvtCyIiDQntCx0LfQvtGAINC00LXQstGP0YLQvtC5INGB0LXRgNC40LggCjMg0JrQvtGA0LjQtNC-0YAg0JfQsNGC0LzQtdC90LjQuSAxOS4xMSDigJMgMDQuMTIuMjAyMTog0YPQvdC40LrQsNC70YzQvdC-0LUg0LLRgNC10LzRjyDQtNC70Y8g0L_QvtC30LjRgtC40LLQvdC-0Lkg0YLRgNCw0L3RgdGE0L7RgNC80LDRhtC40Lgg0YHRg9C00YzQsdGLIAozINCd0LXQvNC90L7Qs9C-INC80YPQt9GL0LrQuCDQuCDQv9C-0L_Rg9Cz0LDQtdCyIAoz0J_QvtGB0LvQtdC00L3QuNC1INC-0LHQvdC-0LLQu9C10L3QuNGPINC90LAg0YHQsNC50YLQsNGFIAoz0J3QvtCy0LjQvdC60Lgg0L3QsCDQsdCw0LfQsNGA0LUg0JTQvtCx0LDQstC40YLRjCDRgtC-0LLQsNGAIAo%3D&uniformat=true&callback=Ya%5B2331353289720%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

70730a79923b9307b6e75d3dea5455b79205da236cb3aa7e6d6a277deb3ee4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1637956976194322-1780193828483074743600243-production-app-host-man-pcode-124
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Fri, 26 Nov 2021 20:02:56 GMT

GET
H2 200 1321e0e50b1fc6d98706.js Show response
yastatic.net/partner-code-bundles/49546/ 639 KB
129 KB 41ms
28ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/49546/1321e0e50b1fc6d98706.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3352b69374004aa2dd4f33c6da65469997ac1e910fde6874be488fbfd9c739d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://grouple.co/
Origin: https://grouple.co
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 131548
last-modified: Fri, 26 Nov 2021 16:05:06 GMT
server: nginx/1.17.9
etag: "d9518b0d28b4c782db067ff775526f67"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2051 02:36:59 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/20813500/
Redirect Chain

https://mc.yandex.ru/watch/20813500?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/20813500/1?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

331 B
413 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/20813500/1?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A60127650195%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956976%3Ac%3A1%3Arn%3A279086563%3Arqn%3A1%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637956975435%3Ads%3A11%2C30%2C79%2C2%2C0%2C0%2C%2C219%2C19%2C%2C%2C%2C344%3Adsn%3A11%2C30%2C79%2C2%2C%2C0%2C%2C221%2C19%2C%2C%2C%2C344%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637956976%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD%21%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B%21%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr%2814%29ti%282%29

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

03f16971423e39ca4c9083fb72a565674ec4df1d5c74f1818d9d511756b2e5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
location: /watch/20813500/1?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A60127650195%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956976%3Ac%3A1%3Arn%3A279086563%3Arqn%3A1%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637956975435%3Ads%3A11%2C30%2C79%2C2%2C0%2C0%2C%2C219%2C19%2C%2C%2C%2C344%3Adsn%3A11%2C30%2C79%2C2%2C%2C0%2C%2C221%2C19%2C%2C%2C%2C344%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637956976%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD%21%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B%21%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif?t=ti(4)

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 21:02:56 GMT

GET
H/1.1 200
OK t.php Show response
rj.revolvermaps.com/ Frame 8F85 36 B
223 B 21ms
20ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rj.revolvermaps.com/t.php?i=9l09okee274&r=yb1y
Requested by: Host: rj.revolvermaps.com
URL: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 09cbd8cf40baa9a7f1ac8e89418e5cab79f5f94c65ade875bad2e5daf8ad0dd7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=98
Content-Length: 36
Content-Type: text/plain;charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 47ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=43027430646
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://grouple.co
date: Fri, 26 Nov 2021 20:02:55 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK c.php Show response
rj.revolvermaps.com/ Frame 8F85 20 KB
8 KB 123ms
123ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rj.revolvermaps.com/c.php?i=9l09okee274&h=140&t=0
Requested by: Host: rj.revolvermaps.com
URL: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3fdd893b46f05baf8b945ce99a5ed09a8d1d32c1e3b4079647ad6dae1a8d1d95

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://rj.revolvermaps.com/5/f.php?i=9l09okee274&m=5&h=140&c=ffc000&r=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
Date: Fri, 26 Nov 2021 20:02:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: close

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 62ms
35ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f47eb4596900e43b2828d59ee3b51e55262e24007450e0d950e41fca848cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9320
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 810B 11 KB
5 KB 44ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grouple.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1798
date: Fri, 26 Nov 2021 20:02:55 GMT
content-length: 4683

POST
H2 204 events
bidder.criteo.com/csm/ 0
183 B 13ms
13ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://grouple.co
date: Fri, 26 Nov 2021 20:02:55 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 13ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 21 Nov 2022 20:02:56 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 17ms
17ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 21 Nov 2022 20:02:56 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/20813500/ 43 B
73 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/20813500/1?page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A1%3Als%3A60127650195%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956976%3Ac%3A1%3Arn%3A508401351%3Arqn%3A2%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637956975435%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C700%2C700%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C700%2C700%2C3%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637956976&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 20:02:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 810B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=grouple.co&sn=ChromeSyncframe&so=0&topUrl=grouple.co&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=XGw3nXxSYTZteHF3SkoxdTNkMUVlWXZ2amc4MVM4QlZmb292RmZ6Q2ZWUnlweXVLWFlmSkcyL1JOdGRleWZNVkxEbDBlMnR0b3hHUnpTak0xVHhhYXRwM3pQd01Ca2FVSVlzakUveGFlUXRlc3lRd0RnemRwalk2ZENkVn...

444 B
629 B

542ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XGw3nXxSYTZteHF3SkoxdTNkMUVlWXZ2amc4MVM4QlZmb292RmZ6Q2ZWUnlweXVLWFlmSkcyL1JOdGRleWZNVkxEbDBlMnR0b3hHUnpTak0xVHhhYXRwM3pQd01Ca2FVSVlzakUveGFlUXRlc3lRd0RnemRwalk2ZENkVnFCTC82LzhndXdwcTY4Yys5ZlorRzBWd0dIT3RHTmN4MFRraFlNY3hGNTY3dG9GNUhsQjV5V2dET0M4UkNKSmlweUxrUmRsSnpiNHk4NWFiNUdqWjBhUG1oclFjR1E2UTVLT0cyMmpML1lId2J6ZHBNNDAwZ1E3M1hZSGhTM2tvN1ZabHRFOTBQWVFFaWNaMHFQQTRuNWx2TnJkUUV5QT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4b5f45148800f3a908c788c10b0f6296edeff201d9e87b967f65de87ae7b2fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 26 Nov 2021 20:02:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6385
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 26 Nov 2021 20:02:55 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=XGw3nXxSYTZteHF3SkoxdTNkMUVlWXZ2amc4MVM4QlZmb292RmZ6Q2ZWUnlweXVLWFlmSkcyL1JOdGRleWZNVkxEbDBlMnR0b3hHUnpTak0xVHhhYXRwM3pQd01Ca2FVSVlzakUveGFlUXRlc3lRd0RnemRwalk2ZENkVnFCTC82LzhndXdwcTY4Yys5ZlorRzBWd0dIT3RHTmN4MFRraFlNY3hGNTY3dG9GNUhsQjV5V2dET0M4UkNKSmlweUxrUmRsSnpiNHk4NWFiNUdqWjBhUG1oclFjR1E2UTVLT0cyMmpML1lId2J6ZHBNNDAwZ1E3M1hZSGhTM2tvN1ZabHRFOTBQWVFFaWNaMHFQQTRuNWx2TnJkUUV5QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2053
content-length: 541
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6D0F 12 KB
5 KB 48ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 18:36:17 GMT
expires: Sat, 26 Nov 2022 18:36:17 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9B0 783 B
1 KB 77ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db94a7667b59c8195198dbb69e1268f8825dd4f5cb42ac353f1530ce0f100761

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mwnTqiXqxp8MhwL98FHcKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 20:02:56 GMT
date: Fri, 26 Nov 2021 20:02:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mwnTqiXqxp8MhwL98FHcKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D0F 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 09:14:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9B0 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=4095356513465594&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=4095356513465594&bg=!SUqlSg7NAAZQLpa_UC47ACkAdvg8Wq2h5Pi3YxTtiTcGBieavHsmNUBYl0_njukWXhGA8Uln7BLvSwIAAABjUgAAAApoAQeZAn4zRbG_EDNSE7JnedgZprnemEdr5NLt6z6Lx5_u-7vNTAYSfngcmxZUxXyCvh9iwut2q7oYXpKVFdgWeBKzUj5boUPP4aXKsP35GSw2yJqFXyq0EvP60WXbj6dmTiSWAMvFWofPivCfOMsmjkE9c4_iMiI_qkA4e4CCr7LdPqjtb80YmkV_M0Ar7GdDK_sM5dVKAaPC3HR6CPOt6o2RVd182AJRPN746dzdmKc1cHdiVyXd3nKKAssDQKrKEy-t2iZylI0HQcAzCz9TEj7PDo2M0ND3S8d_CTgtS3smuF0gfyjo73jAC33h0JL2uv69hAM-7FfUoQuQW7DLltuleXLoc7iuxOXhdPwyDeS5LIvBH7NHfcAGOK0KXoQtvSYuvahnpBGCudDBkNKYI8Y2vsE_pJIBoZ20mGs2fURShyuQ0rPfOa3WYEyw1MN4djdZLH9HFuYt_s4Ags8DutnysynRKX-T1Ma_7pGCcN4g0r1QvRU8RnWYj2ATZtCFEFT7c0qDtZ681hZ15LP-ViLNBRGwCS8PCR_ZEwfMLnpPBHRnAhV9W6xq__IseAQUoQlK-gO1plhse5GMOiHfEqfUqw_TOLPDM97ORouz9yNd_e4Kl--1zUhxiHkXk2fXb5D-IFrRwUViQJkOjl4WNznrByYSqdN-12tbHvRT2Mu5XPn1jZcxd0DTJk0cpZr5HPYarfQGns4_8A4hdlYej4RojdcIVQ_udMd10DAwLQhXw7I0sV8nHIETRr_tEcxJeAEdKV9nvdEYzM6Cwvj0WBkH18DVRMAdMnOrRYiJpaxth7ih6-XFnDH1yv-W_z6fopcqjmMli1GPzaM3FoterzeFFw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 144ms
48ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://grouple.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 26 Nov 2021 20:02:56 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://grouple.co
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
112 B 90ms
89ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:56 GMT

GET
H2 200 260558 Show response
mc.yandex.ru/watch/ 295 B
330 B 49ms
48ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/260558?wmode=7&page-url=https%3A%2F%2Fgrouple.co%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A298740119517%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956977%3Ac%3A1%3Arn%3A29348926%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637956975435%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637956977%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD!%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B!%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d296e3f59df073020339ed177273bc5e8f8ec12eacfafae19a2466be4644270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

GET
H2 200 y129
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ 6 KB
6 KB 149ms
47ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/y129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 8de0bdd2e46d412185ef05b92809d33a601ad783b360ed6135f3fa0228599332

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 6108
x-request-id: fcb37fc5de4d3b1e

GET
H2 200 y129
avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/ 5 KB
5 KB 150ms
48ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/y129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 974dbc0875df1395c14e8e42da2666ba527bac5cffafabb1a40c169e26baea7b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Wed, 01 Aug 2018 13:41:41 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 4900
x-request-id: f487073c1a1e9e2b

GET
H2 200 x160
avatars.mds.yandex.net/get-direct/2799312/exSXHY51MjEbnpJEhJIruw/ 7 KB
7 KB 149ms
48ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2799312/exSXHY51MjEbnpJEhJIruw/x160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: def07c59b3a697ac9b50163ffeb04c729cabdc23630f058079aa85114603e93e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Mon, 23 Dec 2019 16:04:30 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 7046
x-request-id: cc9adc09beff8eef

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 0913 24 KB
7 KB 41ms
14ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/

Response headers

server: nginx/1.17.9
date: Fri, 26 Nov 2021 20:02:56 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 27 Nov 2051 02:38:03 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

POST
H2 200 1 Show response
mc.yandex.ru/watch/260558/ 43 B
73 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/260558/1?page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A294%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A298740119517%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956977%3Ac%3A1%3Arn%3A696730807%3Arqn%3A1%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637956975435%3Ads%3A11%2C30%2C79%2C2%2C0%2C0%2C%2C219%2C19%2C700%2C700%2C3%2C344%3Adsn%3A11%2C30%2C79%2C2%2C%2C0%2C%2C221%2C19%2C700%2C700%2C3%2C344%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637956977&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

GET
H2 200 260558 Show response
mc.yandex.ru/watch/ 43 B
73 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/260558?page-url=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A298740119517%3Ahid%3A601790350%3Az%3A0%3Ai%3A20211126200256%3Aet%3A1637956977%3Ac%3A1%3Arn%3A372789385%3Arqn%3A2%3Au%3A1637956976468719057%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637956975435%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637956977%3At%3A%D0%A7%D0%B8%D1%82%D0%B0%D0%B9%20%D0%BC%D0%B0%D0%BD%D0%B3%D1%83%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%20%D0%B0%D0%BD%D0%B8%D0%BC%D0%B5%20%D0%B8%20%D0%B4%D0%BE%D1%80%D0%B0%D0%BC%D1%83%20%D0%BD%D0%B5%20%D0%BE%D0%B4%D0%B8%D0%BD!%20%D0%9F%D0%B8%D1%88%D0%B8%20%D0%BF%D0%BE%D1%81%D1%82%D1%8B!%20%D0%9F%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%81%D1%8C%20%D1%81%20%D0%B4%D1%80%D1%83%D0%B7%D1%8C%D1%8F%D0%BC%D0%B8%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%B0%D0%BC%D0%B8%20GroupLe&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26-Nov-2021 20:02:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:56 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 0913 95 B
400 B 199ms
47ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sat, 27 Nov 2021 20:02:56 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ditmsk/ Frame 0913
Redirect Chain

https://stats.mos.ru/gc/ynd/
https://an.yandex.ru/mapuid/ditmsk/?time=1637956976.894

43 B
80 B

96ms
96ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ditmsk/?time=1637956976.894

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:56 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/ditmsk/?time=1637956976.894
date: Fri, 26 Nov 2021 20:02:56 GMT
server: nginx
content-length: 145
content-type: text/html

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 0913
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=2eed42e20f3e45ddb68b304783b1e991
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2eed42e20f3e45ddb68b304783b1e991

0
355 B

41ms
40ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2eed42e20f3e45ddb68b304783b1e991
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
server: nginx/1.20.1
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2eed42e20f3e45ddb68b304783b1e991
Date: Fri, 26 Nov 2021 20:03:07 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0913 42 B
201 B 266ms
64ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 0913
Redirect Chain

https://an.yandex.ru/mapuid/google/
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3201A179BAB9D0AF&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

93ms
93ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 20:02:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

7JQV95mrx4wnnAx7f3no
an.yandex.ru/mapuid/dmpamberdata/ Frame 0913
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1637956976
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1637956976
https://an.yandex.ru/mapuid/dmpamberdata/7JQV95mrx4wnnAx7f3no

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/7JQV95mrx4wnnAx7f3no

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

Date: Fri, 26 Nov 2021 20:02:57 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/7JQV95mrx4wnnAx7f3no
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 5
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

__RrnvWYtZ8V
an.yandex.ru/mapuid/dmpsegmento/ Frame 0913
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/__RrnvWYtZ8V?sign=3059080123

43 B
152 B

73ms
73ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/__RrnvWYtZ8V?sign=3059080123

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/__RrnvWYtZ8V?sign=3059080123
Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

RZpq2FkXrkBe
an.yandex.ru/mapuid/rutargetis/ Frame 0913
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/RZpq2FkXrkBe

43 B
80 B

99ms
98ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/RZpq2FkXrkBe

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/RZpq2FkXrkBe
Date: Fri, 26 Nov 2021 20:02:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

ChotSVBLX%2Fyz1xmrrhVlHg
an.yandex.ru/mapuid/dmpaidatame/ Frame 0913
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/ChotSVBLX%2Fyz1xmrrhVlHg?sign=3028070365

43 B
80 B

90ms
90ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/ChotSVBLX%2Fyz1xmrrhVlHg?sign=3028070365

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
last-modified: Fri, 26 Nov 2021 20:02:55 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/ChotSVBLX%2Fyz1xmrrhVlHg?sign=3028070365
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 26 Nov 2021 20:02:55 GMT

GET
H2

200

d9219940-4ef3-11ec-ad67-f832e4719dd9
an.yandex.ru/mapuid/dmpcleverdata/ Frame 0913
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/d9219940-4ef3-11ec-ad67-f832e4719dd9?sign=1808195833

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/d9219940-4ef3-11ec-ad67-f832e4719dd9?sign=1808195833

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:56 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/d9219940-4ef3-11ec-ad67-f832e4719dd9?sign=1808195833
date: Fri, 26 Nov 2021 20:02:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

gNpTAqWvAPa4aYQUuBs1f.
an.yandex.ru/mapuid/dmpweborama/ Frame 0913
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1866963320
https://an.yandex.ru/mapuid/dmpweborama/gNpTAqWvAPa4aYQUuBs1f.

43 B
99 B

93ms
92ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/gNpTAqWvAPa4aYQUuBs1f.

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
via: 1.1 google
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
server: nginx/1.12.0
location: https://an.yandex.ru/mapuid/dmpweborama/gNpTAqWvAPa4aYQUuBs1f.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 0913
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

74ms
73ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

date: Fri, 26 Nov 2021 20:02:57 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 0bal2
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0913
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=4A413FEFBA8055C6
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=4A413FEFBA8055C6

42 B
945 B

39ms
39ms

Image
image/gif

34.248.242.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=4A413FEFBA8055C6

Protocol

HTTP/1.1

Server

34.248.242.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-242-4.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v020-094fe0749.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OIRjOcB5TB0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v020-0c669b8ab.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DOcQvY+6SVs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=4A413FEFBA8055C6
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 0913 0
238 B 170ms
55ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 109
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

1f41d201141ffa3191ed702f28079af2582a8aa16a43f680d68f25491e08eafa
an.yandex.ru/mapuid/mediascope/ Frame 0913
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/1f41d201141ffa3191ed702f28079af2582a8aa16a43f680d68f25491e08eafa

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/1f41d201141ffa3191ed702f28079af2582a8aa16a43f680d68f25491e08eafa

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
server: ms-counter-3.2.14/1.20.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/1f41d201141ffa3191ed702f28079af2582a8aa16a43f680d68f25491e08eafa
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

3569c87c-e4fd-4a7d-9d1c-7478080c2102
an.yandex.ru/mapuid/upravelis/ Frame 0913
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/3569c87c-e4fd-4a7d-9d1c-7478080c2102

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/3569c87c-e4fd-4a7d-9d1c-7478080c2102

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:57 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:57 GMT

Redirect headers

date: Fri, 26 Nov 2021 20:02:57 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/3569c87c-e4fd-4a7d-9d1c-7478080c2102
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 48ms
48ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://grouple.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 26 Nov 2021 20:02:56 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://grouple.co
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 72ms
72ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:56 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:56 GMT

POST
H2 200 20813500 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/20813500?wmode=0&wv-part=1&wv-hit=601790350&page-url=https%3A%2F%2Fgrouple.co%2F&rn=973824326&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1637956978%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211126200258%3Au%3A1637956976468719057%3Avf%3A4bjmbg3ayomb49rglz%3Awe%3A1%3Ast%3A1637956978&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
last-modified: Fri, 26-Nov-2021 20:02:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:58 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 0913 105 KB
37 KB 18ms
18ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: grouple.co
URL: https://grouple.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 29 Nov 2021 08:00:47 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: e5075fd507a3fcfa

POST
H2 200 20813500 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 197ms
73ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/20813500?wmode=0&wv-part=1&wv-hit=601790350&page-url=https%3A%2F%2Fgrouple.co%2F&rn=236887563&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1637956979%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211126200258%3Au%3A1637956976468719057%3Avf%3A4bjmbg3ayomb49rglz%3Awe%3A1%3Ast%3A1637956979&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grouple.co/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
last-modified: Fri, 26-Nov-2021 20:02:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://grouple.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:58 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 0913 130 KB
46 KB 125ms
124ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1f75b50975fa775ad330267def21c59c07e495ba35387ae3afe68b95da0114a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: br
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-b7aa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47018
expires: Fri, 26 Nov 2021 21:02:58 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 0913 403 B
695 B 103ms
102ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgrouple.co%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

745cff35a28dbe94291bfa7d656a81f9052d57cf9447771bd3ec4f5fa9cac721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 0913 37 KB
14 KB 82ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 20:02:58 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame 0913
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cj2hYZW6M8fFx_APwK6e4A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122&ipr=y

42 B
108 B

37ms
34ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1580687951&crd=&is_vtc=1&random=3181167122&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame 0913
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cj2hYZe6M-3Zx_AP4rmGoA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262&ipr=y

42 B
548 B

35ms
32ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1452458676&crd=&is_vtc=1&random=2829201262&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ Frame 0913 167 B
218 B 49ms
48ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A9ezyymqkmijljbr9v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A363364984625%3Ahid%3A646732881%3Az%3A0%3Ai%3A20211126200258%3Aet%3A1637956979%3Ac%3A1%3Arn%3A606610201%3Arqn%3A1%3Au%3A1637956979861351524%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637956976680%3Ads%3A0%2C26%2C14%2C1%2C0%2C0%2C%2C14%2C0%2C59%2C59%2C0%2C59%3Adsn%3A0%2C26%2C14%2C0%2C0%2C0%2C%2C17%2C0%2C59%2C59%2C0%2C59%3Aco%3A0%3Ast%3A1637956979&t=gdpr()ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

76fe9ba784883e59a1775f7f0e91b24683ed0cf0a9e5c6a28188a1384f326f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 26-Nov-2021 20:02:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:58 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 0913 43 B
74 B 50ms
49ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif?t=ti(4)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:02:58 GMT
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Nov 2021 21:02:58 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0913 3 KB
1 KB 159ms
159ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637956978871&cv=9&fst=1637956978871&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b4f609748c90b074dbab5c9c530152a81ed3bea932b06408d597f1e029ee934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0913 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637956978876&cv=9&fst=1637956978876&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a13497d8b33b79e1227a6682eb0e723a00f6a6457d2ab2fbd1fcf31681e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0913 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637956978879&cv=9&fst=1637956978879&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e304bc419e922cbebbcb73f25eac19ebe7c03faf6314aa78fd43ba7d3ab1549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0913 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637956978880&cv=9&fst=1637956978880&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549ae36042b26793f826591ac5a693827a04bf7eff5442a8f180fcbd423589fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1GtVnlfI0PG100000000U9nJBE2z4XiefUfXk79dZ5ByuSs9bWMs2nCPWC0J9X8gtD1P4Nlk9pD3AYDGF7FbpWj28F5I4A-s34YqCeB8gK2-0iDCHcT31Z1Oo2WZ3M6jPBp11M7jPPnvYflXA9X_bH5am5r61Xa6Xh-CivWO6EOoWKIMChrWPc1OorG1P9zb-Wy4h...
an.yandex.ru/rtbcount/ 43 B
152 B 73ms
73ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1GtVnlfI0PG100000000U9nJBE2z4XiefUfXk79dZ5ByuSs9bWMs2nCPWC0J9X8gtD1P4Nlk9pD3AYDGF7FbpWj28F5I4A-s34YqCeB8gK2-0iDCHcT31Z1Oo2WZ3M6jPBp11M7jPPnvYflXA9X_bH5am5r61Xa6Xh-CivWO6EOoWKIMChrWPc1OorG1P9zb-Wy4hvW4fYt-j6tbJWO6uQITaxTTP6NuoyG2ifYP5KZsCYk2h6S6QPxBp0Io44WgW2tSo3mhzfhsyVkvpIUPy--ctRKCApEy2bPv5qp-P7PmueSubyMtt1ZCMi7oXtC72_C15iQRB11dVx1_o39h9WZSj7_B0dBy0bRUawmYWknWwGki3GrCDrdpTwfqVQZjDVpA2dBq0hOdppkxTtnP-o1l9HjCyoCsNWzZIwkIGeD2NqlpCFENR30BVi9P053hTvK0?confirmTime=2101000&confirmRatio=1000000&test-tag=216655330279426&format-type=21&actual-format=19&rnd=2126949124291&pcode-active-testids=463034%2C0%2C51%3B457667%2C0%2C51%3B462727%2C0%2C70%3B400734%2C0%2C75&banner-sizes=eyI3MjA1NzYwNDYzNTU0MDg3MyI6IjMzMHgxMjAiLCI3MjA1NzYwMzM2NDg3NzI1NiI6IjMzMHgxMjAiLCI3MjA1NzYwNTM3Nzg2NTk5OCI6IjMzMHgxMjAifQ%3D%3D&width=1140&height=120

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:58 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame 0913 350 B
385 B 49ms
48ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgrouple.co%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmijljbr9v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1062658111409%3Ahid%3A646732881%3Az%3A0%3Ai%3A20211126200258%3Aet%3A1637956979%3Ac%3A1%3Arn%3A508584898%3Arqn%3A1%3Au%3A1637956979861351524%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637956976680%3Ads%3A0%2C26%2C14%2C1%2C0%2C0%2C%2C14%2C0%2C59%2C59%2C0%2C59%3Adsn%3A0%2C26%2C14%2C0%2C0%2C0%2C%2C17%2C0%2C59%2C59%2C0%2C59%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637956979%3At%3A&t=gdpr(6)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

af93f964a744f5f6607c7afdae9c9d359139dae9f565ae9685d81dd08f765d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 26-Nov-2021 20:02:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Fri, 26-Nov-2021 20:02:58 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0913 42 B
64 B 42ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1637956978876&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=608814429&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame 0913 42 B
108 B 82ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1637956978876&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=608814429&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0913 42 B
64 B 40ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1637956978880&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=3944192148&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame 0913 42 B
108 B 81ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1637956978880&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=3944192148&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0913 42 B
64 B 39ms
34ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1637956978879&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=2708889603&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame 0913 42 B
108 B 78ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1637956978879&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=2708889603&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0913 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1637956978871&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=3873857623&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame 0913 42 B
64 B 59ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1637956978871&cv=9&fst=1637956800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgrouple.co%2F&async=1&fmt=3&is_vtc=1&random=3873857623&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WJCejI_zOAS0JGa0v0vuYO0JgTDBkWK0fm4GW8200J5mFQ5X000003YSvn-80W6v0XA-nm2HoOQfy0AarwZcmA4ny0K1e0Ri0Sa6S0tKNL4Q9KYf1wcvq19VmxDXW0e1Y0eDbgFojgcv000JOhcJjj7m2mQO3k-wc-kTnvMxCQWFgVFoalBhyDbXa128W9clZjdEd...
an.yandex.ru/count/ 43 B
152 B 82ms
82ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WJCejI_zOAS0JGa0v0vuYO0JgTDBkWK0fm4GW8200J5mFQ5X000003YSvn-80W6v0XA-nm2HoOQfy0AarwZcmA4ny0K1e0Ri0Sa6S0tKNL4Q9KYf1wcvq19VmxDXW0e1Y0eDbgFojgcv000JOhcJjj7m2mQO3k-wc-kTnvMxCQWFgVFoalBhyDbXa128W9clZjdEdo7Z_RVQ2U0K0TWLmOhsxAEFlFnZyCaMy3-15wWN3PaOq1WX-1Y06RWPm1dlyfBHYBxVnZ7I6H9vOM9pNtDbSdPbSYzoDJanBJFe6VG8y1c0mWE270r8CpawT74mSKqvDrOtwHo07Vz_4W1GPBnh42Y6ZK71NHKDa-WMGdY9WRbinLZc5bSp-UrHhaqVbS-7Z0scTewo3np54FxOBWwbZ441~1=Wf4ejI_zO1O2FHG0z2A4GVdI5WEkvzcmG801s-gDuOM0sx84Y061ryJqSv01alRL-iw0W802c06IzjNwJg01kkwe0RhkrVfEk06q_EZa8TW1_AIlcG7W0PQLhva1w06a1FW1s8_UlW6W0exwXG6m0vm5Y0MUonAG1SdO9R05oye9k0NBoWd01Qo6EiW5YU4Eq0NHwWFW1PIe1km1k0U01T070jW74E07XWhn1m00Y8VzGe0A0S4ARwdJ9a7Tv3_9-0g0jHZP2wcvq19VmxDXw0kUonA83DR5uhu1w0oR1fWDcQWqFw0Em8GzW12-a80TmB2GWW7G4FQ6hr_W4StkpG7e4QJjqPQk_VkbEl2JGCPT_xEtzyW_c1C2u1FBoWc058200eWKwPIRd_cz-_uqe1JBoWce5CdO9R0Kwu4mk1I0qmu2q1JVtTOUs1JMiUMA1kWKZ0BG5TQnvOe6s1N1YlRieu-y_6EW5W6m5h83oHRG5jR5uhu1WHUO5vUrj2ou5m705xKIq1VGXWFO5uxaFEWN0PaOe1W7i1ZHouID1hWO0VWO-87xjFIn_vNj0O0PYHaK4P0P0Q0Px06e6TsDvPK4k1d_0U0P0UWPz0Zm6O320u4Q__yNWD6vYuE86i24FQ0QwjphmeFeswetzHe10000c1kPg3JO6u20W801wHlUl-V2MQmOGV0RaePX-1kTaoZf703mFu0T_t-P7G3mF-0TrQwU1QWU0T0UeEBQzQdubu1Vs1xwsXw87_y17002Sk0Ia0g1Tk8Fc2xEjw4CZYAPXiY27j54Enzb1nVYuguCn9gzIK98i7SLhYe2FY043mZbhQ1bpv7qlfldWQqHOw6JnY3Ou4FARQLqrgsPTR1Dm040~1=WdGejI_zOFi1LHC0525oAOs6-mAwfik0wnM00Olmb8RdejJEy0680OE9YBrFa06Gp---nO20W0AO0P3Fxxv5e068g068k06iWhBH7zW1_FoC8E01tj6O7-W1f0Fu0PIwthu1e0BGhOeAe0C4i0Ec1uW5_DOEa0Mebm-m1OZk0xW5YEu3m0M3m2p81PAe2z05pyK1u0MLg0Ri0RW7W0NG1mBO1n3W1uOAyGS00CBebeK5W0e1mGgpXI_KqK_6Fydu2e2r6DaBgRdG4b_3is7e2_pM3fi6c0sPg3ImFg0Em8GzW13M_x4PcX0R040Po130a13W4StkpG7e4QJjqPQk_VkbEl2JG907WmrbBze_c1C2u1E8xWE85EcKcv_vlVl-DA0KYEu3g1Iebm-m5C29aHou583HoWZ850BG59NCnG7O5FF_s8i6w1IC0j0Ly__OYmRO5S6AzkoZZxpyOw0M0R0MiWEu5W705dR95W3mFz0M-E7UlW615m00y3-O5-EO_YUu5m705xKIq1VGXWFO5xhTE-WN0faOe1WBi1ZHouID1hWO7_WO-87xjFIn_vNj0O0PYHaK4P0P0Q0Px06u6V___m7W6G7e6VG8y1c0mWE16l__0m_MswFmY1h0X3sW6lgSn8xPmj-4iW7r6W40002O6vceDDWR8EaRoMWG7aZFRq7m6-lZen_u6-VcbXFf780T_t-P7QWU0TWU-jeU7G0uX8YOCSeySXxAaAqxydEKWQWX0eAQuCRdGaRZbQrVizSrYV5DCNJwhcwGTruD6buWV0OriMecWvO0il0y5yoD66kTD0O1P45ASgLqQc2TQn8TR1Dm~1=Wa4ejI_zOD41lH40j1sBUi5gqGAqv_hvZII00G680RVjkQM10P01dEJDljI0W802c06SvCs-LA01ikAe0RBYpRvKk07wwRQa8zW1d9IZdm7W0TAZrXde0RW2-06Kkjw-0Q02-FpA5y022w031h030fyCY0N2r0QG1V2P1x05iEe1k0MmwW7VNU05bQW6x06u1u05q0SMs0SGu0U62l470032Who-vINN9mNG9_i_oVWAWBKOsGkfkT0INyEpOUWBmjG6Y0pCozw-0UWCcmQO3PceD70ze0x0X3s048w8-X-0Wn3W4StkpG7e4QJjqPQk_VkbEl2JG6F8e6KfxQW_c1C2u1EmwW685EcKcv_vlVl-DCWK0T0KXCplLjWKuRwxZ0Re58m2q1NXlhkC1jWLmOhsxAEFlFnZe1O1i1Qo0yaMq1RCozw-0O4Nc1VsZxqTk1S1m1Ur4j0Nq8O3s1VDaJle5mMP6A0O1h0OqSk4ZGQu60tu6FY1-xJqiV-LxG606OaP516G6G6W6Um1k1d___y1u1a7w1dq2F0PWC83WHh__ylErqK-88WQm8Gzg1hE-Iwu6WFr6W40002O6vceDDWR8EaRsp9C1yEjNa7m6zhRYW_u6_cVYWtf780T_t-P7QWU0TWU-jeU7G0uX7YOiQaySjB9a8mxycqeWwD8fY7oYaVq4D_Ynhk5kB8h0wjcpvaG4l1TXUkAW0-8nWG28HUqoDWwnO7HCi-bIIC6C2UDaHSBGZlZ3zwA8t30rymls2QA~1?stat-id=1&test-tag=216655451935793&banner-sizes=eyI3MjA1NzYwNDYzNTU0MDg3MyI6IjMzMHgxMjAiLCI3MjA1NzYwMzM2NDg3NzI1NiI6IjMzMHgxMjAiLCI3MjA1NzYwNTM3Nzg2NTk5OCI6IjMzMHgxMjAifQ%3D%3D&format-type=21&actual-format=19&pcodever=49546&banner-test-tags=eyI3MjA1NzYwNDYzNTU0MDg3MyI6IjU4MTY0OSIsIjcyMDU3NjAzMzY0ODc3MjU2IjoiNTczNjIiLCI3MjA1NzYwNTM3Nzg2NTk5OCI6IjU3MzYzIn0%3D&pcode-active-testids=463034%2C0%2C51%3B457667%2C0%2C51%3B462727%2C0%2C70%3B400734%2C0%2C75&width=1140&height=120&confirmTime=2100000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://grouple.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 20:02:59 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 20:02:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 20:02:59 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 23:00:43	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 23:07:55	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 23:00:43	Name: pcs3 Value: 1
grouple.co/	1969-12-31 23:59:59	Name: JSESSIONID Value: CCE939134876AD0C39023E437CC0E64C
.grouple.co/	1970-01-20 07:44:52	Name: _ym_uid Value: 1637956976468719057
.grouple.co/	1970-01-20 07:44:52	Name: _ym_d Value: 1637956976
.exchange.buzzoola.com/	1970-01-19 23:42:28	Name: uuid Value: 66d8938f-b1b9-4214-528f-d7adeb999898
.otm-r.com/	1970-01-20 07:44:52	Name: mpid Value: NjFhMTNkNzAwNWE1ZjdkMQ==
.grouple.co/	1970-01-20 08:20:52	Name: __gads Value: ID=7f97f486feab1e84-2277aa5d06cc00ae:T=1637956976:RT=1637956976:S=ALNI_MZq7LvECOyr0sqcGM5bDVF_Zjgxdg
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWGhPXAQIwAnFP2xAnW7V2awO8vjxhjNLnlp/2uzDmw6
.yandex.ru/	1970-01-20 07:44:52	Name: yandexuid Value: 526634741637956976
.yandex.ru/	1970-01-20 07:44:52	Name: yuidss Value: 526634741637956976
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1097991681637956976
.yandex.ru/	1970-01-23 14:35:16	Name: i Value: zxcQtvO7bnMDJ8z7zf5ar9VX2FJ8eqzu2iGgh0o1e1JWurnCPS3ot2Y5PAtEzpZcGsOM7AzocitXWTZmkLSMygdhmXM=
.yandex.ru/	1970-01-20 07:44:52	Name: ymex Value: 1669492976.yrts.1637956976#1669492976.yrtsi.1637956976
.grouple.co/	1970-01-19 23:00:28	Name: _ym_isad Value: 2
.adhigh.net/	1970-01-20 07:44:52	Name: gi_u Value: 5gzbbjTBjKP.AikABlF9Xdf-Gg
.criteo.com/	1970-01-20 08:20:52	Name: uid Value: d4133971-5377-4509-9546-f0198355a90a
.grouple.co/	1970-01-19 22:59:18	Name: _ym_visorc Value: w
ssp.bidvol.com/	1970-02-13 19:30:40	Name: bvuid Value: 5qi70t7joo
.an.yandex.ru/	1970-01-19 23:09:21	Name: yabs-vdrf Value: A0
.grouple.co/	1970-01-20 08:20:52	Name: cto_bundle Value: VZpMr182b1ZwQkYlMkJMWm14SjB6SDByMk9iaGVoY2tGMUttSCUyRmo1RXVHTjAlMkZhbzNrN0paV0ttZVo3Wmp4QXp4Z0dhY2ZrSlR4dHZtOFl5JTJCQTlTZ0J2cyUyQjdNS2RwNlNkbHN0JTJCSVg3blZ6SmRYZTJiWGhLVTU4MHh6N1cyTUU0T2lJeDl1eXdJMVFudDZHNnBET3JRZElJNVk4ZWclM0QlM0Q
.weborama.fr/	1970-01-20 08:30:57	Name: AFFICHE_W Value: lKjnwoPM4OaU86
.1dmp.io/	1970-01-20 07:44:52	Name: uid Value: d9219940-4ef3-11ec-ad67-f832e4719dd9
.sonar.semantiqo.com/	1970-01-21 19:37:40	Name: semantiqo_a Value: 2eed42e20f3e45ddb68b304783b1e991
.sonar.semantiqo.com/	1970-01-20 07:54:57	Name: check Value: 8469b42b7c154d74bc1ed02b3700b77d
.1dmp.io/	1970-01-19 22:59:17	Name: ru-seq Value: null
.doubleclick.net/	1970-01-20 08:20:52	Name: IDE Value: AHWqTUm4_HczL-kRgv8OLEMnF9GLLRJNcm4JFgxinArf6qcLgGD0tM-YVH0cyjPMFjk
.aidata.io/	1970-01-20 16:30:28	Name: __upin Value: ChotSVBLX/yz1xmrrhVlHg
.aidata.io/	1970-01-20 16:30:28	Name: __upints Value: 1637956976
.dmg.digitaltarget.ru/	1970-01-21 00:54:28	Name: viuserid Value: 7JQV95mrx4wnnAx7f3no
.demdex.net/	1970-01-20 03:18:28	Name: demdex Value: 39672831125295759374160008783339274852
.rutarget.ru/	1970-01-20 03:18:28	Name: userId Value: RZpq2FkXrkBe
x01.aidata.io/	1970-01-19 23:09:21	Name: yaya Value: 1
.dpm.demdex.net/	1970-01-20 03:18:28	Name: dpm Value: 39672831125295759374160008783339274852
.upravel.com/	1970-01-19 22:59:17	Name: session_tptc Value: 1637956977086
.upravel.com/	1970-01-23 14:35:16	Name: user_id Value: 3569c87c-e4fd-4a7d-9d1c-7478080c2102
.tns-counter.ru/	1970-01-20 07:44:52	Name: guid Value: BF41692261A13D71X1637956977
.yandex.ru/	1970-01-20 16:30:28	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:30:28	Name: is_gdpr_b Value: COC+ehCfUxgB

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6485958324769063&output=html&adk=1812271804&adf=3025194257&lmt=1637956975&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgrouple.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637956975853&bpp=3&bdt=293&idt=114&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6170169058052&frm=20&pv=2&ga_vid=1393382370.1637956976&ga_sid=1637956976&ga_hid=1561228970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062938%2C31063735%2C31063738%2C31063792%2C31061690%2C31063182&oid=2&pvsid=4095356513465594&pem=312&tmod=1924613500&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3569c87c-e4fd-4a7d-9d1c-7478080c2102.sync.upravel.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.nl
an.yandex.ru
avatars.mds.yandex.net
bidder.criteo.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
exchange.buzzoola.com
googleads.g.doubleclick.net
grouple.co
gum.criteo.com
matchid.adfox.yandex.ru
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
res.grouple.co
resgr.rmr.rocks
rj.revolvermaps.com
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bidvol.com
static.criteo.net
static.grouple.co
staticgr.rmr.rocks
stats.mos.ru
sync.1dmp.io
sync.upravel.com
tpc.googlesyndication.com
www.google.com
www.google.nl
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
116.202.51.238
138.201.157.161
142.250.185.130
142.250.186.130
148.251.236.115
148.251.237.106
159.69.72.5
178.250.2.131
178.250.2.146
185.15.175.133
185.184.8.65
193.232.148.140
195.201.114.28
195.201.87.224
2001:6d0:4001::226
212.11.155.166
213.152.186.44
2a00:1148:db00::17
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:f820:425::3
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
34.248.242.4
35.190.16.14
37.18.16.21
65.108.1.48
80.64.106.147
80.64.106.148
81.222.128.214
88.212.201.198
88.99.234.26
89.108.120.68
91.192.150.30
95.216.101.186
95.217.109.66
009a95ba677c88d78d95b3a9ce0547747d051a2f7c0b95b259488870a34adec8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02fd426c86e86248a5d1c99cea5bf5b38374999969e2ae593ff4b8627de6c95e
03f16971423e39ca4c9083fb72a565674ec4df1d5c74f1818d9d511756b2e5e6
06fa80506c6fbcea127ce113bd1180beb1eb25f0fa6ddf8d703ac3b7396cff53
092ba8d8406046d9dc03399304b164b3724bf0fed7446fbd5507d1b371bef431
09cbd8cf40baa9a7f1ac8e89418e5cab79f5f94c65ade875bad2e5daf8ad0dd7
17bd3eef9898dcc64df0fe76184b605eedf87d4f6ace985de6aa7171614427a1
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1bd6411f68b832aaea1178776f2242ec3b466e3a403cfe934ab133c7a1635d23
1c9e171107f0e88f256a7c7b686701435edfdd377b6738538d67c01fa6e1a51f
1f75b50975fa775ad330267def21c59c07e495ba35387ae3afe68b95da0114a6
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
3352b69374004aa2dd4f33c6da65469997ac1e910fde6874be488fbfd9c739d2
3437a0d02c8361e13cf2763cead0fe09ec4418ff584ad91eda4aad3fada5727a
3476eb702ea3a20fda408a3c5cee93b40074fa99eb6a7eea2267701e8e050da1
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35558515a040d0868925a206fb5e385b5fb1572d51b36f6a4cbc0b049b5528ae
3679dfe2660d617de85eb77594134b2157bd98218f0895ec81d4fa943dbd5906
3b8daa6b3e267461ed419cb794a09eadaaa239c5ca436e1b09fd998aa6e49c58
3fdd893b46f05baf8b945ce99a5ed09a8d1d32c1e3b4079647ad6dae1a8d1d95
46aa19321717d6d757b0dba70a3c940146d933117104306e2d0b8b1ca2275300
473f47eb4596900e43b2828d59ee3b51e55262e24007450e0d950e41fca848cd
485f52d4200d8a826306421ad0e593f2b8edc47a5165987a12f9c252a8ea473d
4b5f45148800f3a908c788c10b0f6296edeff201d9e87b967f65de87ae7b2fc4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50557e846f915fe618b63dd4951b310b7102cd71dd19677ecc6c1b3739184a3b
547cd1e6e291046df9ca628fd34dbd78811e45598f87cdd8d6b2f0469a30809b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549ae36042b26793f826591ac5a693827a04bf7eff5442a8f180fcbd423589fb
55acfeac9aacc1bd94290b8e938858ba566f5fe36ce58b8803d3aa109ccf40cb
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
5b4f609748c90b074dbab5c9c530152a81ed3bea932b06408d597f1e029ee934
5c378e6b40b62362b330364a4ecc41344758358c88fe94f8d1b7cf9451871659
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d2980caa97dde3170f5a160715e21c83b055ba05ca97953fc9ff1c0c6690074
5eea4732bfc6b64c8eac60743d15001c3dd4672b8ba9aaee6b5de6817f222035
612cb4d1579e21f7fb4a9a3d4fe70e86a62f25f812bae8b9c1cad2aa3f2141c9
66f5ad12b678679a1b9ea08d55d40e65640bbedf632bfb8299780d77ad18598a
6990373e2eb29837feec05813a7c9a551a3ce69d4329eebfc00cc165e2ee9658
70730a79923b9307b6e75d3dea5455b79205da236cb3aa7e6d6a277deb3ee4ac
73258e5985a6c36570b2ff5708dae50b54620bd76b62d3d1245d6bc05c39ec7c
745cff35a28dbe94291bfa7d656a81f9052d57cf9447771bd3ec4f5fa9cac721
76fe9ba784883e59a1775f7f0e91b24683ed0cf0a9e5c6a28188a1384f326f99
7ae35521305205c6eda8e58426e4fb6b166723b818e4f5432b77309ac5012202
7c964ca4714d81d634b96f2653e322ddeca3efb12821e02cb9470d82ea94e7e9
83940dd8ef37c86ef168b30d2304b1be2032fb96d22e59389e39fdc9fef1cbac
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87707e5c46ec3d7ddd07e9dee8401f0cc34cebe4af77871a17ea1c2d0a7ae2fb
88fe79a8f7f34261047787e153b4288302a0d3d70081018f7bf20193f5a9bea7
8c8ef78717039d75451e95fb080bd35a4989c279f6fcc16a8dba84d68c4c9a15
8de0bdd2e46d412185ef05b92809d33a601ad783b360ed6135f3fa0228599332
8e304bc419e922cbebbcb73f25eac19ebe7c03faf6314aa78fd43ba7d3ab1549
91a143c3093ec6151278c58ae618ed7eeb19403ceb9757c6e27fe15639261d57
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94b471e880d0490427f9590ea60a3ff889f166ba3a6a80952c72835c5c857895
96eda817305eaac17cfaa10bb8c7fb1f18e713485fcaede1ad96346fc68e8e96
974dbc0875df1395c14e8e42da2666ba527bac5cffafabb1a40c169e26baea7b
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9e3d9aac8a31326e8305fdd83df8eb5b418f25a69bd0b462cc899a1a51a7b819
a3753238ae5b3e6fa0b48a3784e51d250126decdb72723a8f1762f7844ab7c36
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a13497d8b33b79e1227a6682eb0e723a00f6a6457d2ab2fbd1fcf31681e1f4
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
af93f964a744f5f6607c7afdae9c9d359139dae9f565ae9685d81dd08f765d78
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b98ba3cb2615785d15233cb2ca3038193fe4e841578724ac227b2007590e4eeb
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7
c87bda545eac48797860090376889d183a08375e241b5a51df64eb057edcd679
cf64184733e080faedbd7e7d2ecd92fb772b83c7e83c384c98430d3087038036
d0f3a345b4d4146c94841af8f7b9afffa5a4aca2a1f38c6ea88f1c337245c323
d296e3f59df073020339ed177273bc5e8f8ec12eacfafae19a2466be4644270f
d92f39864a371feff4a758479313437fcdaa61a2da70f958ef52b4299d27556c
db94a7667b59c8195198dbb69e1268f8825dd4f5cb42ac353f1530ce0f100761
dca0cb9d2ab7325de806281f394ab80fb7eddd11fcf2e39c46753f4085fc30e4
def07c59b3a697ac9b50163ffeb04c729cabdc23630f058079aa85114603e93e
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e1e9790770f2761e989f338be8cd2560a696a4b3f0013219e91f357546eaf668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8347776c26f31a4fc9620eb0b1e2b75b7be24691b3d92eea3dbe148ce1d68cf
e8efb24dd4f3e97a19a8f2a3efe606c52fb1f9275acdc99ea55800aa0d788026
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d63651f8f4e94c0075f68b3b2166753b88ea1f7559e0584d528f696b1576e9

grouple.co Open in urlscan Pro 213.152.186.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

133 Requests

86 %HTTPS

40 %IPv6

35 Domains

51 Subdomains

37 IPs

7 Countries

1730 kBTransfer

4164 kBSize

40 Cookies

134 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grouple.co Open in urlscan Pro
213.152.186.44 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

86 %
HTTPS

40 %
IPv6

35
Domains

51
Subdomains

37
IPs

7
Countries

1730 kB
Transfer

4164 kB
Size

40
Cookies

133 HTTP transactions
1 data transactions