urlscan.io logo urlscan.io
SecurityTrails logo

egrupos.net Open in urlscan Pro
72.9.147.138  Public Scan

Go To Rescan Add Verdict Report
URL: http://egrupos.net/
Submission Tags: tranco_l324
Submission: On March 15 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 60 HTTP transactions. The main IP is 72.9.147.138, located in United States and belongs to DFW-DATACENTER, US. The main domain is egrupos.net.
This is the only time egrupos.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    72.9.147.138 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: egrupos.net
egrupos.net
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
23    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
40    2a01:71c1:169:1:401::f (Spain)

ASN198066 (LOADING, ES)
deepskycolors.com
www.deepskycolors.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
40 deepskycolors.com
deepskycolors.com
www.deepskycolors.com
2 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
573 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
74 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
70 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
2 KB
2 egrupos.net
egrupos.net
35 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
60 8
Domain Requested by
21 pagead2.googlesyndication.com egrupos.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
20 www.deepskycolors.com egrupos.net
20 deepskycolors.com 20 redirects
5 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net egrupos.net
connect.facebook.net
2 fonts.googleapis.com egrupos.net
pagead2.googlesyndication.com
2 egrupos.net egrupos.net
1 www.gstatic.com pagead2.googlesyndication.com
1 www.facebook.com egrupos.net
60 11
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://egrupos.net/
Frame ID: 444390070F1C2C973AECAA4C6591FB32
Requests: 37 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&adk=1812271804&adf=3025194257&lmt=1681068914&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=190x1080_l%7C140x1080_r&format=0x0&url=http%3A%2F%2Fegrupos.net%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&dt=1710475396985&bpp=11&bdt=417&idt=161&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5590097572397&frm=20&pv=2&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=178
Frame ID: E90DDF8E15E4C62FA4B6CA3969A72592
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Frame ID: AD1EBBAAAC8CA041AE4C4FA198E67D85
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=1444023733&adf=1455669288&pi=t.aa~a.2791258029~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475397533&bpp=1&bdt=965&idt=1&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=3&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=3476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: EB894F36833FF2C08EE745F028F48B5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: DE67C8869639470180E956481A5ADEBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: B145707B873959F31255B188C08620FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 0CD3EBCF4E7BC88C7FD1CE5A7BE415F1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 54785E7215924E64A34090419DD4C021
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE72618A77CD4E984CD2B9117382F3D8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rogelio Bernal Andreo, Astrophotography - DeepSkyColors.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

60
Requests

62 %
HTTPS

90 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

767 kB
Transfer

2150 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://deepskycolors.com/astro/icons/facebook-icon.png HTTP 301
  • https://www.deepskycolors.com/astro/icons/facebook-icon.png
Request Chain 4
  • https://deepskycolors.com/astro/icons/IG.jpg HTTP 301
  • https://www.deepskycolors.com/astro/icons/IG.jpg
Request Chain 5
  • https://deepskycolors.com/astro/icons/Flickr.png HTTP 301
  • https://www.deepskycolors.com/astro/icons/Flickr.png
Request Chain 6
  • https://deepskycolors.com/astro/icons/Wikipedia-icon.png HTTP 301
  • https://www.deepskycolors.com/astro/icons/Wikipedia-icon.png
Request Chain 8
  • https://deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg HTTP 301
  • https://www.deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
Request Chain 9
  • https://deepskycolors.com/astro/RBA/atc.png HTTP 301
  • https://www.deepskycolors.com/astro/RBA/atc.png
Request Chain 10
  • https://deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg HTTP 301
  • https://www.deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
Request Chain 11
  • https://deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg HTTP 301
  • https://www.deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
Request Chain 12
  • https://deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg HTTP 301
  • https://www.deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
Request Chain 13
  • https://deepskycolors.com/astro/RBA/CloudsOfOrion.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
Request Chain 14
  • https://deepskycolors.com/astro/RBA/McWay.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/McWay.jpg
Request Chain 15
  • https://deepskycolors.com/astro/RBA/MW_ALL_800short.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
Request Chain 16
  • https://deepskycolors.com/astro/RBA/M31.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/M31.jpg
Request Chain 17
  • https://deepskycolors.com/astro/RBA/Twist.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/Twist.jpg
Request Chain 18
  • https://deepskycolors.com/astro/RBA/Arriba.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/Arriba.jpg
Request Chain 19
  • https://deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
Request Chain 20
  • https://deepskycolors.com/astro/RBA/Punaluu_Magic.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
Request Chain 21
  • https://deepskycolors.com/astro/RBA/Reaching.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/Reaching.jpg
Request Chain 22
  • https://deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg HTTP 301
  • https://www.deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
Request Chain 24
  • https://deepskycolors.com/astro/misc/consb.jpg HTTP 301
  • https://www.deepskycolors.com/astro/misc/consb.jpg

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
egrupos.net/ 		27 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://egrupos.net/
Protocol
HTTP/1.1
Server
72.9.147.138 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
egrupos.net
Software
Apache /
Resource Hash
71dd0c43eeabdd481d10ee7b983620aec38d2d16ff128a3a592eaf819455cf55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
27859
Content-Type
text/html
Date
Fri, 15 Mar 2024 04:03:15 GMT
ETag
"6cd3-5f8ec5b799b6c"
Keep-Alive
timeout=15, max=100
Last-Modified
Sun, 09 Apr 2023 19:35:14 GMT
Server
Apache
css
fonts.googleapis.com/ 		2 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?subset=latin-ext&family=Quicksand%3A300%7CQuicksand
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c208d20217e3af26b2e4791f6b33767837b6be0efc4da522e2ca6326c7f536fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Mar 2024 04:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 04:03:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Mar 2024 04:03:16 GMT
styles.css
egrupos.net/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://egrupos.net/styles.css
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
HTTP/1.1
Server
72.9.147.138 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
egrupos.net
Software
Apache /
Resource Hash
f4fac9077364bbaaf7eaa0e6e4a00913b648315102c46e4fa547b3843fbd0710

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 15 Mar 2024 04:03:16 GMT
Last-Modified
Sun, 09 Apr 2023 22:02:04 GMT
Server
Apache
ETag
"1d16-5f8ee68a1599a"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
7446
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9190240321441744
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d87280c147696fc9ac4e6b677c9eeb5a64bd9035231e4effd844392d61136075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Origin
http://egrupos.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51006
x-xss-protection
0
server
cafe
etag
613120056415320280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 15 Mar 2024 04:03:16 GMT
facebook-icon.png
www.deepskycolors.com/astro/icons/
Redirect Chain
  • https://deepskycolors.com/astro/icons/facebook-icon.png
  • https://www.deepskycolors.com/astro/icons/facebook-icon.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/icons/facebook-icon.png
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/icons/facebook-icon.png
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
IG.jpg
www.deepskycolors.com/astro/icons/
Redirect Chain
  • https://deepskycolors.com/astro/icons/IG.jpg
  • https://www.deepskycolors.com/astro/icons/IG.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/icons/IG.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/icons/IG.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Flickr.png
www.deepskycolors.com/astro/icons/
Redirect Chain
  • https://deepskycolors.com/astro/icons/Flickr.png
  • https://www.deepskycolors.com/astro/icons/Flickr.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/icons/Flickr.png
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/icons/Flickr.png
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Wikipedia-icon.png
www.deepskycolors.com/astro/icons/
Redirect Chain
  • https://deepskycolors.com/astro/icons/Wikipedia-icon.png
  • https://www.deepskycolors.com/astro/icons/Wikipedia-icon.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/icons/Wikipedia-icon.png
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/icons/Wikipedia-icon.png
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
794974be32fa6ddca9a8c4f220fb13ee8c3054eec9565555dd40fd99a3fc3940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 15 Mar 2024 04:03:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54115
X-XSS-Protection
0
Server
cafe
ETag
1064047412318323092
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Fri, 15 Mar 2024 04:03:16 GMT
ella-leap-of-chance.jpg
www.deepskycolors.com/pics/thumbs/new/pr/
Redirect Chain
  • https://deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
  • https://www.deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
atc.png
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/atc.png
  • https://www.deepskycolors.com/astro/RBA/atc.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/atc.png
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/atc.png
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
RBA_DS_CloudsOfAndromeda_800.jpg
www.deepskycolors.com/pics/thumbs/
Redirect Chain
  • https://deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
  • https://www.deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
RBA_NS_MoonlightFirefall_800px.jpg
www.deepskycolors.com/pics/thumbs/
Redirect Chain
  • https://deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
  • https://www.deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
MWRho_Home_800px.jpg
www.deepskycolors.com/pics/thumbs/
Redirect Chain
  • https://deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
  • https://www.deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
CloudsOfOrion.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
  • https://www.deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
McWay.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/McWay.jpg
  • https://www.deepskycolors.com/astro/RBA/McWay.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/McWay.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/McWay.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
MW_ALL_800short.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
  • https://www.deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
M31.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/M31.jpg
  • https://www.deepskycolors.com/astro/RBA/M31.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/M31.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/M31.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Twist.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/Twist.jpg
  • https://www.deepskycolors.com/astro/RBA/Twist.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/Twist.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/Twist.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Arriba.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/Arriba.jpg
  • https://www.deepskycolors.com/astro/RBA/Arriba.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/Arriba.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/Arriba.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Rho%20Ophiuchus.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
  • https://www.deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Punaluu_Magic.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
  • https://www.deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
Reaching.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/Reaching.jpg
  • https://www.deepskycolors.com/astro/RBA/Reaching.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/Reaching.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/Reaching.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
StrikingSynchronicity.jpg
www.deepskycolors.com/astro/RBA/
Redirect Chain
  • https://deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
  • https://www.deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
fbevents.js
connect.facebook.net/en_US/ 		216 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Mar 2024 04:03:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57631
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
szMnnP0c0HhD9w9FCmp9lI7RbQA4l8NwNQzlu20oGdVhWPmZHoWorRaDU0/EanrSlQ7ZWqTnNC+3/x85BKE5ig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
consb.jpg
www.deepskycolors.com/astro/misc/
Redirect Chain
  • https://deepskycolors.com/astro/misc/consb.jpg
  • https://www.deepskycolors.com/astro/misc/consb.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deepskycolors.com/astro/misc/consb.jpg
Requested by
Host: egrupos.net
URL: http://egrupos.net/styles.css
Protocol
H2
Server
2a01:71c1:169:1:401::f , Spain, ASN198066 (LOADING, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://www.deepskycolors.com/astro/misc/consb.jpg
date
Fri, 15 Mar 2024 04:03:16 GMT
server
nginx
content-length
162
content-type
text/html
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?subset=latin-ext&family=Quicksand%3A300%7CQuicksand
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://egrupos.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 22:23:24 GMT
x-content-type-options
nosniff
age
279592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 22:23:24 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c383428eadc30ec73d0ccc7f7c3f426d3f0238701efcf0ba8f365696ba7b9d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140992
x-xss-protection
0
server
cafe
etag
7884578838235283025
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 04:03:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=548936911729720&num=0&dvc=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 04:03:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1827124994200424
connect.facebook.net/signals/config/ 		54 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1827124994200424?v=2.9.149&r=stable&domain=egrupos.net&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1826258ad53a439b9b9530bb9768d0e30fd39445d88d1a6f378de08f39bf0e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Mar 2024 04:03:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=64, mss=1294, tbw=62751, tp=-1, tpl=-1, uplat=66, ullat=0
pragma
public
x-fb-debug
NvfrQ/INOlX/8RrEKwlSpwaiShodz1vM81LkKJzTN71+668ofib5VHuZBkAMhER4tmpi0DBOjBmJs75XQ0aPiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1827124994200424&ev=PageView&dl=http%3A%2F%2Fegrupos.net%2F&rl=&if=false&ts=1710475397119&sw=1600&sh=1200&v=2.9.149&r=stable&ec=0&o=4126&fbp=fb.1.1710475397119.498064264&ler=empty&cdl=API_unavailable&it=1710475397019&coo=false&rqm=GET
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Mar 2024 04:03:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ads
pagead2.googlesyndication.com/pagead/ Frame E90D 		309 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&adk=1812271804&adf=3025194257&lmt=1681068914&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=190x1080_l%7C140x1080_r&format=0x0&url=http%3A%2F%2Fegrupos.net%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&dt=1710475396985&bpp=11&bdt=417&idt=161&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5590097572397&frm=20&pv=2&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=178
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc4b12260566e7fd1705f8656d1a67bc48c8c08d9917c396f0317632cdc49ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
58374
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 04:03:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame AD1E 		115 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef14892d5256cc43dde4487ecee7f4ca79476959cff5c2ca17ec3e5deebc47ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39884
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 04:03:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
315467c9be978ea6b223b2d940e8ab78e103b91372514cdca2397751cef2614b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57254
x-xss-protection
0
server
cafe
etag
7760403272085071896
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 04:03:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=483911876406020&num=0&dvc=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 04:03:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame EB89 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=1444023733&adf=1455669288&pi=t.aa~a.2791258029~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475397533&bpp=1&bdt=965&idt=1&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=3&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=3476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 04:03:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-9190240321441744&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240313_103608&sat=1710425639023&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=1&mdns=0&alldns=0.146&allp=6&fd=(0%2C5%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=3844&abl=false&rr=n&su=egrupos.net&pvc=601340417054024&r=0.1&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785
Requested by
Host: egrupos.net
URL: http://egrupos.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 04:03:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame DE67 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29355
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:54:02 GMT
etag
5035419970550746386
expires
Thu, 28 Mar 2024 19:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame B145 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29355
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:54:02 GMT
etag
5035419970550746386
expires
Thu, 28 Mar 2024 19:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 0CD3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29355
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:54:02 GMT
etag
5035419970550746386
expires
Thu, 28 Mar 2024 19:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame AD1E 		4 KB
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Mar 2024 04:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 02:05:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Mar 2024 04:03:18 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AD1E 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
35491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 18:11:47 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame AD1E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 21:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
22784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 21:43:34 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AD1E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 21:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
22784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 21:43:34 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AD1E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
35491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 18:11:47 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AD1E 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 03:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
1184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 04:43:34 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame AD1E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 12:59:22 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/17441931137348843580/ Frame AD1E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17441931137348843580/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb77d8099ea0d3153815d323f5b4fa9461dc6aa8003bd9179f4a475a4b35f89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Thu, 13 Mar 2025 13:29:05 GMT
date
Wed, 13 Mar 2024 13:29:05 GMT
x-content-type-options
nosniff
age
138853
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35748
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 11:51:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2513003651320284106
tpc.googlesyndication.com/simgad/ Frame AD1E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2513003651320284106?w=100&h=100&tw=1&q=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da400f905da0f4db3d8bad4aba98f21bd5b3c1caf24e93d395de56b4b1d0b4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Thu, 13 Mar 2025 13:47:50 GMT
date
Wed, 13 Mar 2024 13:47:50 GMT
x-content-type-options
nosniff
age
137728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3566
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 09:37:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame AD1E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b5bcb4082066be0bb8e684a6db9609829860e945bbdaadacdcbcbd8102eb43f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AD1E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pagead2.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 01:17:56 GMT
x-content-type-options
nosniff
age
269122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 01:17:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AD1E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pagead2.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 04:10:19 GMT
x-content-type-options
nosniff
age
258779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 04:10:19 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame AD1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C8FeAhcjzZdyJDJbVjuwP1YeD4Aa38qiwduvvwvKqEuKbpoaJKhABIOKvh0tglfqagqwHoAHz-9HLA8gBCagDAcgDywSqBMIBT9A6EZdTmC3OTmXuwCX5v7ehwv5zIPs5UnKKfOg7Usg3rNI297ImxApI19MnBqQX9E-qGXLi8SD0VPWANBG5BMqdqcO0Nxw4Caqd6CSqSW69cbo662flXGQhXoUtpg5FFglcPi4RUXLc0I5X9gQ3yCZLC528kqfnJ0ME5PWIfHzZwfdlzU-6JqdMeWzzLW6EEZCHq4pBMIJN2GcXT3AdJsIlcenMB2AZzpJFCRHCVIhrCOChvSvDSML5tOCSXGOaq7HABJ7DwrbIBIgF3YrfwU6SBQQIBBgBkgUECAUYBKAGLoAHzLLTmQGoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBC1ggrSCCoIkeGAcBABGB8yB-uLgOC_gA06CACAgICAgJQoSL39wTpYxLrJs7H1hAOaCUZodHRwczovL3d3dy5hbmFudGFyYS5jb20vZW4vcmFzYW5hbmRhLWtvaC1waGFuZ2FuL29mZmVycz9nY2xzcmM9YXcuZHMmgAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi05MTkwMjQwMzIxNDQxNzQ0GACyGAkSApFUGC4iAQA&sigh=tNHLHwy3vTA&uach_m=%5BUACH%5D&ase=2&template_id=484&cbvp=2&vis=1&nis=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Mar 2024 04:03:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
pagead2.googlesyndication.com/bg/ Frame 5478 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 18:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
207463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20251
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 18:25:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AD1E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyygELj1Z9GPMK6yP03DisWpC0xAo-DKHdZuXF4N9KPEKtin5V4AYBbklvx6muBn61TnxFGTO1t-1AI0t8zQ7oSTaQPOWn2t-LrkQRYni3_z3s-U-Z3tBhxqdukD9kZqFQxDE_-PiMqpCdVmS0EmGoV3T1b2Q5b_hHoSnmVCs&sig=Cg0ArKJSzB_xVy_3bVT4EAE&id=lidar2&mcvt=1002&p=0,0,280,747&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2178168716&rs=2&la=0&cr=0&vs=4&r=v&co=640819800&rst=1710475397172&rpt=991&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9190240321441744&output=html&h=280&adk=2178168716&adf=2727447745&pi=t.aa~a.356315161~rp.1&w=747&fwrn=4&fwrnh=100&lmt=1681068914&rafmt=1&to=qs&pwprc=3392830037&format=747x280&url=http%3A%2F%2Fegrupos.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1710475396996&bpp=2&bdt=427&idt=174&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5590097572397&frm=20&pv=1&ga_vid=2044984230.1710475397&ga_sid=1710475397&ga_hid=1619398784&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95326316%2C95327950%2C95327955%2C95320378%2C95322397%2C95325785&oid=2&pvsid=601340417054024&tmod=1861543491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 04:03:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e24ddec8108a6e425117e58509ca5b377f784715bb444677b0fc3483b2c7a02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12338
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9190240321441744&plah=egrupos.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 04:03:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE72 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://egrupos.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 21:43:34 GMT
expires
Fri, 14 Mar 2025 21:43:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame DE72 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 21:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
22787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 21:43:35 GMT
generate_204
tpc.googlesyndication.com/ Frame DE72 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?08MMkQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 04:03:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=601340417054024&bg=!ubqluvXNAAY_ejuoH3o7ADQBe5WfOFy_2zgtBKrO_h2iJNemKilYPHCi56pxcR2lhM-Vq1ID403280LMChh2T17_zP98AgAAADJSAAAAAmgBB5kCvrRc9_SxO7wk3GWohP7cqoy_eAT-GGxTfo13nIcMuXyKAx6choXlq2MH_Xf8yEJSzjivEc4sT7HB9ZJ1PMS2Jhqbx5VxcZI0IWJx44O3TJxfzC1mhwQHs2dyLzUCc6_MSsEq_riuO7lpKgrNiJ4G6u9Kxlu42CP_85O8z7DhbcyQQYVP4BpCOsSqgKTqSiq-l1z_bI5SxOZNO5rpYNwWIuzkMcA-IQqxzBGsxmmaxQcsTogH8rgEhawjUiVxhhk_loYQoldE7wcYzNsk7B04uaJmHZ7k0fZNLVlq3aofx67yROUP3eyvNLK3J0gegjfaUH3EJGf-Jb-Unao-EKfTI6M-zIlCh6vP8kpHRSlqoTxpbP066_GP5UgxWZgY0zYYYW2_ERCr9tYV67_i3-ZBvrHyYpG4PEYndKSF4uS5BG-K-FkqMxXINMNsiRyrZAa_6AgC7xs2tm0FuotZdur-KPW90Jp2MqdGAwIB882MbUrJ_p-6lv-Wb1-WNpM9fQk3NhwWt8CrilKg-T8CUCl5f2xHGw0NSyN5zyHRD7rvFMavSWN8Ynr8A8htbXByVu7QhFmUrNQGEPvsx_hIWzDZCcWI0LGzCfFqWJcAehwCMDbv3z8jfL3hobo33vWnlpkW8achWDTEOyu4aE9_2sZPTOyrNAuIxgq_ShaCKSShBXWnFIw2jwsiHXJ568MIOzesaP8TlxvaC9BYb6q37ZnhE5RiF2hFstW-fC7OKJaTWSLtkJcJr9Aamq7lAt1cOD0Mq01LXuVD7j8AuZz5ReqbW_xU-KPpW7zaLi-RDgoxwscgN8w6caD6LD5haNu2yoZZVRN4ao1Ixw1MhHGiO0dMqeKOgC9T3LrzAroeZ7LDwX3hgZVMfJYjcefMNKdnKwWlrPr9aHcJTb-hXsPRPZ_kqKv8zxc1Txwyb_OmDmdAPQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://egrupos.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| fbq function| _fbq function| switchDiv object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.egrupos.net/ Name: _fbp
Value: fb.1.1710475397119.498064264
.egrupos.net/ Name: __eoi
Value: ID=94b9d601d6ecf590:T=1710475397:RT=1710475397:S=AA-Afjbih3kv_gpr7kLSBjUNmahM

21 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1827124994200424?v=2.9.149&r=stable&domain=egrupos.net&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://www.deepskycolors.com/astro/RBA/CloudsOfOrion.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/icons/Wikipedia-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/icons/facebook-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/icons/IG.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/icons/Flickr.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/pics/thumbs/new/pr/ella-leap-of-chance.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/atc.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/pics/thumbs/RBA_DS_CloudsOfAndromeda_800.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/pics/thumbs/RBA_NS_MoonlightFirefall_800px.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/Twist.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/misc/consb.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/M31.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/Punaluu_Magic.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/Rho%20Ophiuchus.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/pics/thumbs/MWRho_Home_800px.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/McWay.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/Reaching.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/Arriba.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/MW_ALL_800short.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deepskycolors.com/astro/RBA/StrikingSynchronicity.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
deepskycolors.com
egrupos.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.deepskycolors.com
www.facebook.com
www.gstatic.com
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:831::2001
2a01:71c1:169:1:401::f
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
72.9.147.138
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
315467c9be978ea6b223b2d940e8ab78e103b91372514cdca2397751cef2614b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4b5bcb4082066be0bb8e684a6db9609829860e945bbdaadacdcbcbd8102eb43f
4dc4b12260566e7fd1705f8656d1a67bc48c8c08d9917c396f0317632cdc49ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
71dd0c43eeabdd481d10ee7b983620aec38d2d16ff128a3a592eaf819455cf55
794974be32fa6ddca9a8c4f220fb13ee8c3054eec9565555dd40fd99a3fc3940
85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
a1826258ad53a439b9b9530bb9768d0e30fd39445d88d1a6f378de08f39bf0e4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c208d20217e3af26b2e4791f6b33767837b6be0efc4da522e2ca6326c7f536fb
c383428eadc30ec73d0ccc7f7c3f426d3f0238701efcf0ba8f365696ba7b9d8e
cb77d8099ea0d3153815d323f5b4fa9461dc6aa8003bd9179f4a475a4b35f89f
d87280c147696fc9ac4e6b677c9eeb5a64bd9035231e4effd844392d61136075
da400f905da0f4db3d8bad4aba98f21bd5b3c1caf24e93d395de56b4b1d0b4b1
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e24ddec8108a6e425117e58509ca5b377f784715bb444677b0fc3483b2c7a02f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef14892d5256cc43dde4487ecee7f4ca79476959cff5c2ca17ec3e5deebc47ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fac9077364bbaaf7eaa0e6e4a00913b648315102c46e4fa547b3843fbd0710
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615