www.groupchaton.com Open in urlscan Pro
142.250.186.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://group4whatsapp.co/
Effective URL:
https://www.groupchaton.com/
Submission: On November 23 via api (November 23rd 2023, 2:44:20 am UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 20 domains to perform 42 HTTP transactions. The main IP is 142.250.186.115, located in United States and belongs to GOOGLE, US. The main domain is www.groupchaton.com.
TLS certificate: Issued by GTS CA 1D4 on October 1st 2023. Valid for: 3 months.

This is the only time www.groupchaton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
2	142.250.186.115 142.250.186.115	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
12	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
3 3	172.67.205.138 172.67.205.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.173.62 104.17.173.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.150.247.36 169.150.247.36	60068 (CDN77 ^_^) (CDN77 ^_^)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	142.250.186.73 142.250.186.73	15169 (GOOGLE) (GOOGLE)
3	172.64.100.11 172.64.100.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1 2	207.241.237.3 207.241.237.3	7941 (INTERNET-...) (INTERNET-ARCHIVE)
2	104.21.41.60 104.21.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.46.210 104.21.46.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	18

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

group4whatsapp.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.115 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f19.1e100.net

www.groupchaton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

hub.orthemes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.205.138 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

onclickalgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.173.62 (None, )

ASN13335 (CLOUDFLARENET, US)

velocecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-36.datapacket.com

seals.ssltrust.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.73 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.100.11 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.241.237.3 (Pleasanton, United States) 1 redirects

ASN7941 (INTERNET-ARCHIVE, US)

web.archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.41.60 (None, )

ASN13335 (CLOUDFLARENET, US)

superonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.46.210 (None, )

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

discovernative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	1 MB
3	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26862
3	velocecdn.com velocecdn.com — Cisco Umbrella Rank: 127708	106 KB
3	onclickalgo.com 3 redirects onclickalgo.com — Cisco Umbrella Rank: 115668	1 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	239 KB
3	orthemes.com hub.orthemes.com	104 KB
2	superonclick.com superonclick.com — Cisco Umbrella Rank: 313928	6 KB
2	archive.org 1 redirects web.archive.org — Cisco Umbrella Rank: 31832	9 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	184 KB
2	groupchaton.com www.groupchaton.com	134 KB
1	discovernative.com discovernative.com — Cisco Umbrella Rank: 603489	479 B
1	ufpcdn.com ufpcdn.com — Cisco Umbrella Rank: 250248	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	257 B
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 10409	58 KB
1	ssltrust.com.au seals.ssltrust.com.au	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	746 B
1	group4whatsapp.co 1 redirects group4whatsapp.co	133 B
0	acscdn.com Failed acscdn.com Failed
42	20

	Domain	Requested by
12	blogger.googleusercontent.com	www.groupchaton.com
3	youradexchange.com	onclickalgo.com
3	velocecdn.com	www.groupchaton.com
3	onclickalgo.com	3 redirects
3	pagead2.googlesyndication.com	www.groupchaton.com pagead2.googlesyndication.com
3	hub.orthemes.com	www.groupchaton.com
2	superonclick.com	www.groupchaton.com
2	web.archive.org	1 redirects www.groupchaton.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.groupchaton.com
2	www.groupchaton.com	www.groupchaton.com
1	discovernative.com	www.groupchaton.com
1	ufpcdn.com	superonclick.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.blogger.com	www.groupchaton.com
1	www.gstatic.com	www.groupchaton.com
1	seals.ssltrust.com.au	www.groupchaton.com
1	fonts.googleapis.com	www.groupchaton.com
1	group4whatsapp.co	1 redirects
0	acscdn.com Failed	www.groupchaton.com
42	21

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.whatsapp.com
vk.com
www.facebook.com
www.instagram.com
www.group4whatsapp.com
www.group4whatsup.com
discovernative.com
www.ssltrust.com.au
g.page
www.blogger.com

Subject Issuer	Validity	Valid
www.groupchaton.com GTS CA 1D4	`2023-10-01` - `2023-12-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
orthemes.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
seals.ssltrust.com.au R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
superonclick.com GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
ufpcdn.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
discovernative.com E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.groupchaton.com/
Frame ID: 5E42773B5551B2D7656AC990DA8A482E
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 44B08E7E5DF72AD30ED1A94F01C828C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5935207738848708&output=html&adk=1812271804&adf=3025194257&lmt=1700646590&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.groupchaton.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700707430492&bpp=22&bdt=1874&idt=611&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4557500775960&frm=20&pv=2&ga_vid=1286758953.1700707431&ga_sid=1700707431&ga_hid=1207760149&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079653%2C44807764%2C44808149%2C44808285%2C44809055%2C44809072%2C318512601&oid=2&pvsid=3900200150148938&tmod=857327945&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=687
Frame ID: 7853C2A5A45634AFA80256B4AA342B88
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 8CA8D69AE3F355548609D28031F94097
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GroupChatOn

Page URL History Show full URLs

https://group4whatsapp.co/ HTTP 301
https://www.groupchaton.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

42
Requests

88 %
HTTPS

0 %
IPv6

20
Domains

21
Subdomains

18
IPs

4
Countries

2169 kB
Transfer

4967 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@Group4WhatsUp?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/channel/0029Va5YU9FAe5VlZNDlzO0E

Search URL Search Domain Scan URL

URL: https://vk.com/imgroup4whatsup

Search URL Search Domain Scan URL

URL: https://www.facebook.com/group4whatsup/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/group4whatsup/

Search URL Search Domain Scan URL

URL: https://www.group4whatsapp.com/
Title: group4whatsapp.com

Search URL Search Domain Scan URL

URL: https://www.group4whatsup.com/
Title: group4whatsup.com

Search URL Search Domain Scan URL

URL: https://discovernative.com/al/visit.php?al=1,7

Search URL Search Domain Scan URL

URL: https://www.ssltrust.com.au/security-report?domain=groupchaton.com

Search URL Search Domain Scan URL

URL: https://g.page/r/CdOZTiRkJcdQEBE/review

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://discovernative.com/al/visit.php?al=1,4

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://group4whatsapp.co/ HTTP 301
https://www.groupchaton.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://onclickalgo.com/a/display.php?r=6809478 HTTP 302
https://velocecdn.com/script/banner.js?r=6809478

Request Chain 22

https://onclickalgo.com/a/display.php?r=6809478 HTTP 302
https://velocecdn.com/script/banner.js?r=6809478

Request Chain 29

https://onclickalgo.com/a/display.php?r=6809478 HTTP 302
https://velocecdn.com/script/banner.js?r=6809478

Request Chain 36

https://web.archive.org/web/20230323173631im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436 HTTP 302
https://web.archive.org/web/20230806074004im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.groupchaton.com/
Redirect Chain

https://group4whatsapp.co/
https://www.groupchaton.com/

1 MB
132 KB

1855ms
1178ms

Document
text/html

142.250.186.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.115 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f19.1e100.net

Software

GSE /

Resource Hash

df44ba8e9168b5c7194188d6c465bb3b8361a059de9816682896b367547e1c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 134655
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 02:43:47 GMT
etag: W/"da2c9375e457d4e2c5211b0ca971284a861ffd313610d08f3c4ad9027e53310c"
expires: Thu, 23 Nov 2023 02:43:47 GMT
last-modified: Wed, 22 Nov 2023 09:49:50 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 225
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 02:43:46 GMT
location: https://www.groupchaton.com/
server: ghs
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 441 B
746 B 494ms
38ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jacques%20Francois:wght@300;400;500;700&display=swap

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

9328e9e0fc10b7b7ef33d26ab770669599403cbae22dd965560f48a2602be1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 02:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 02:43:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 02:43:49 GMT

GET
H2 200 plugins-1.8.min.css
hub.orthemes.com/static/themes/themeforest/salbuta/ 243 KB
28 KB 505ms
49ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hub.orthemes.com/static/themes/themeforest/salbuta/plugins-1.8.min.css

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113713ca6bbfd0ba4c96ddd8454fddebba18772f72e113b8dc2672963dc9ebad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5037
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Oct 2023 00:05:37 GMT
server: cloudflare
etag: W/"2a22254-3cbe0-60779b31de347-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKUAzH33A%2BdjnfAEzkSJ%2FDi%2BBT8uQZLN49nQ11n3Zd6vuIGUjIobNmE%2Fzgq9iRyCqqpb5kJj%2FD7Js84ru%2BBEpVRdw94JF4SLqU%2F%2Fvz7vw%2Fe%2BsyA99wwBhvjb27SFNmbattcz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 82a6111859106adc-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 866ms
60ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E18KHMPRKE

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

25c15c1a43c3e928eab1e7bedfaa73cdea929a245a0f7a37ce3da03147efc74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93991
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 02:43:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 866ms
61ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5935207738848708&host=ca-host-pub-1556223355139109

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

82f3ba73eb0feec48ba0fca3df2e910a4ca9adcc125bd2e56bfa9ebbceea5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.groupchaton.com/
Origin: https://www.groupchaton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52719
x-xss-protection: 0
server: cafe
etag: 13118120491253871770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 02:43:50 GMT

GET
H2 200 Application.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZEGJ2uzXn6YiBk4ezEWCfSalK2myYjb1QytqT6XXCioN-SoPyOhg7MQzl0qLrxxu5EItWqLLdy9vAaTcq89vFY-g1rs1Q0MoXGAYm88aSLQozzmdLj-KJM-RlL6BN7L_As-JUsf201GT4v3gV... 16 KB
16 KB 871ms
416ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZEGJ2uzXn6YiBk4ezEWCfSalK2myYjb1QytqT6XXCioN-SoPyOhg7MQzl0qLrxxu5EItWqLLdy9vAaTcq89vFY-g1rs1Q0MoXGAYm88aSLQozzmdLj-KJM-RlL6BN7L_As-JUsf201GT4v3gVvk0UXHUQGTGDL7KYm87Fejz7O-B5K6msmM5QbUxTFA/w350/Application.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

3a2dd2a8f000b806cba073ffa25c2958dbe8409dd091e79409119470b5236831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b47d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Application.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16173
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:49 GMT

GET
H2

200

banner.js Show response
velocecdn.com/script/
Redirect Chain

https://onclickalgo.com/a/display.php?r=6809478
https://velocecdn.com/script/banner.js?r=6809478

105 KB
36 KB

865ms
52ms

Script
text/javascript

104.17.173.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/banner.js?r=6809478
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Server: 104.17.173.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fca84f1c50450a379b0583bafe60cf2053a2ab67bc378968b8ff7a88b6b326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3424
x-guploader-uploadid: ABPtcPrSO6WExzUsLbHFL_fN3LO0lNE65OgTkXTmekiU0VJIMFe3EJq1SanPaSUODnW5EzHSVRM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Nov 2023 09:26:36 GMT
server: cloudflare
etag: W/"b48e6ae2b21e3be11f21ac4c042f70c3"
vary: Accept-Encoding
x-goog-hash: crc32c=OkCa6Q==, md5=tI5q4rIeO+EfIaxMBC9www==
x-goog-generation: 1700558796163159
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 107419
cf-ray: 82a6111e6fda9a0b-FRA
expires: Thu, 23 Nov 2023 06:43:50 GMT

Redirect headers

date: Thu, 23 Nov 2023 02:43:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://velocecdn.com/script/banner.js?r=6809478
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur5uwBH%2Fn%2Fct5WipsjkaplvTlxAWj%2BXzQcYSTIz4BVvxnaGVcBg36cMnlqsncYDdDnWyAPeVA1rq4gtck0JmhN5jGh1z3r6rfRq7dYOxB0nCpltECaQ%2BgSUDWjPa3j6HjHI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 82a611185b901965-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 Classifieds.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2AweVv7wIQ5Uu6L1HjEjnA2pGyVoO72wZ8toJK18XSdhH9AGuOQdusQPBE7z7L7KbvdVRbbxjOPcGukvNvI5sIF0Qu7kFu2mLoyOYGk0KFJF9EK73nQliLNnjCDgtU7sOxkrksWcyXpBNDXE1... 16 KB
16 KB 490ms
487ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2AweVv7wIQ5Uu6L1HjEjnA2pGyVoO72wZ8toJK18XSdhH9AGuOQdusQPBE7z7L7KbvdVRbbxjOPcGukvNvI5sIF0Qu7kFu2mLoyOYGk0KFJF9EK73nQliLNnjCDgtU7sOxkrksWcyXpBNDXE1gQNx6MnteZ51ilssTv7xYfx0ya2l0Xc-WR0RLVZAKw/w350/Classifieds.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

ccbafa06c6466bb24b0c6f7a3d4151b22d79b2b4549df1571535090e990f2368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b47b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Classifieds.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16370
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:49 GMT

GET
H2 200 Job%20search.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1f70DOLepFoosA54KTL5EqfyqZlgixzf6IiZRjmXVfF4kthJ2PyQf3peAOOnV4DLLMKeGR3H9JeI0ei8iYT4JvlO7_g9tJX_bNTBN6Pt0S82y94VWsSRanXwC0jd3ELQ-KKEoc8MRibI6P0PP... 16 KB
16 KB 470ms
468ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1f70DOLepFoosA54KTL5EqfyqZlgixzf6IiZRjmXVfF4kthJ2PyQf3peAOOnV4DLLMKeGR3H9JeI0ei8iYT4JvlO7_g9tJX_bNTBN6Pt0S82y94VWsSRanXwC0jd3ELQ-KKEoc8MRibI6P0PPI8GWPIvwTDV1Oxo1bUVkicRFeyo4ut42ewkFmOoFyg/w350/Job%20search.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

fc3d33ee5d7720ce3b32d06fceaf253e4ec6b7df6d41e3b1ac342814d2fbee05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b479"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Job search.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16234
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:49 GMT

GET
H2 200 Screenshot%202023-07-15%20at%203.05.23%20PM.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYfGKlJ_GRnxUJuyzMu4blurmCWGz5tgASuiZWV9qydd8HCvdpV1aoBKky5AQV79xxMFa95jRYrGLEwO5pFxjpxP2attux7UgnIU2uGiBVrhszJ8Ln7Ma-IXuQbx8kA571BCEM36UNjRQRnsz_... 78 KB
79 KB 473ms
472ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYfGKlJ_GRnxUJuyzMu4blurmCWGz5tgASuiZWV9qydd8HCvdpV1aoBKky5AQV79xxMFa95jRYrGLEwO5pFxjpxP2attux7UgnIU2uGiBVrhszJ8Ln7Ma-IXuQbx8kA571BCEM36UNjRQRnsz_SHBYkZ4jcF2mSnjUhHtWfPrFOdtmLeiWEGl2iA2kRFQV/s828/Screenshot%202023-07-15%20at%203.05.23%20PM.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

a95a75b99a078a911e7d2bbe867ca013cd313ab867faec96e9c32e85bcf6a56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d395"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Screenshot 2023-07-15 at 3.05.23 PM.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80258
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:49 GMT

GET
H2 200 report_small.png
seals.ssltrust.com.au/ 899 B
1 KB 863ms
53ms Image
image/png 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seals.ssltrust.com.au/report_small.png
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: b3100729ce1cc3d96321de58a4a4e648783da7d4c1f57af936864b6669d1859c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
cdn-edgestorageid: 1048
cdn-cachedat: 11/11/2022 03:13:36
cdn-pullzone: 81258
content-length: 899
last-modified: Tue, 13 Aug 2019 02:30:46 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "5d5220d6-383"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 92f1b7d8-7f45-45e3-99a0-2ddde25fd5f7
cache-control: public, max-age=31919000
cdn-requestid: 22fba658e4af52e2d9917a2e11a8a2ad
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 loader.js Show response
www.gstatic.com/charts/ 61 KB
19 KB 834ms
36ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 23 Nov 2023 03:11:42 GMT

GET
H2 200 AVvXsEgSAXQEiqy18jl8IuGDAO3zn9lEPxb31Vfibmn5d_DAaKvXAur4QV9yppH70YTljxUBD7KRRkY6Fa_ug1FxBwYKhUjP6Zh2wHOHyNE7IZa1UfI7Oyj5yrCmVw7sKTwm996CMKGn-Zxy8kdtHW7vdXwlbC_wVmymLzHQPzlCvbUF1q-T1veT8MaSYtAZ_w=s872
blogger.googleusercontent.com/img/a/ 338 KB
339 KB 880ms
862ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgSAXQEiqy18jl8IuGDAO3zn9lEPxb31Vfibmn5d_DAaKvXAur4QV9yppH70YTljxUBD7KRRkY6Fa_ug1FxBwYKhUjP6Zh2wHOHyNE7IZa1UfI7Oyj5yrCmVw7sKTwm996CMKGn-Zxy8kdtHW7vdXwlbC_wVmymLzHQPzlCvbUF1q-T1veT8MaSYtAZ_w=s872

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

be0fed54454a5a8b55199ac9708ffe00fbd3385f76df6ce6f4abf8b21bbe02ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ef9f"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="240_F_487632779_4PCLUT2KUWVVBoUOEtARI5hYX9kht0IQ-removebg-removebg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 346356
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:50 GMT

GET
H2 200 AVvXsEg22-jCUTH6yg8o1-zOYYtgyDgaYaB2rhCzZFUzJJ-4u883I0NbWydx1sBAq02g22Lh9VABTVnwKez5YR5D2pGgtVxQwhzqhdNPiB_A5SK6C2FXAXyT-Z1TdHZe4NCttjfoIbwyTl0-nDjWE38IyRIds9EO8wcZ_CEdynT_jOaRMAyqbR0oAXZuSm2mig=s976
blogger.googleusercontent.com/img/a/ 720 KB
720 KB 354ms
336ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg22-jCUTH6yg8o1-zOYYtgyDgaYaB2rhCzZFUzJJ-4u883I0NbWydx1sBAq02g22Lh9VABTVnwKez5YR5D2pGgtVxQwhzqhdNPiB_A5SK6C2FXAXyT-Z1TdHZe4NCttjfoIbwyTl0-nDjWE38IyRIds9EO8wcZ_CEdynT_jOaRMAyqbR0oAXZuSm2mig=s976

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

2714a67eafee7d9859b9ceb8441e48d890dcf2ac1c2c4ccbb01976ce47225b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ef9b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="240_F_528101337_byFH5SB3lR4CFmq8rOhegJGJzibjRhZW (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 736857
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:49 GMT

GET
H2 200 plugins-1.8.min.js Show response
hub.orthemes.com/static/themes/themeforest/salbuta/ 231 KB
75 KB 44ms
43ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hub.orthemes.com/static/themes/themeforest/salbuta/plugins-1.8.min.js

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2faefc17e088c9384132d21080e6628e80e2f8e30794e115909b045bb6d3b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5037
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Oct 2023 00:05:38 GMT
server: cloudflare
etag: W/"2a232c5-39d56-60779b3239c24-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUjghmPXCXcAc9W0dPeRT%2FkjPO2gYoVJProhPi4F5WY3%2FBODJzfE0fRp%2FEjRrnMdTyb44w%2Bl3eIY5j6mdMPiqonG1RJd%2FxMI5awapatyzYyTw%2FDJwxFaL0OwnAW34YSz1DXi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 82a6111949936adc-FRA

GET atg.js
acscdn.com/script/ 0
0

GET
H2 200 cookienotice.js Show response
www.groupchaton.com/js/ 6 KB
2 KB 52ms
34ms Script
text/javascript 142.250.186.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.groupchaton.com/js/cookienotice.js

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.115 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f19.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 21:54:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 30 Nov 2023 02:43:49 GMT

GET
H2 200 1897193141-widgets.js Show response
www.blogger.com/static/v1/widgets/ 160 KB
58 KB 858ms
51ms Script
text/javascript 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1897193141-widgets.js

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

sffe /

Resource Hash

72b56d06cc3995965996f7d90fd241e0a6fa1952474ddf2ded661ac20153c94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59218
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 00:54:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 19 Nov 2024 02:02:28 GMT

POST
H2 200 state.json Show response
hub.orthemes.com/static/themes/themeforest/salbuta/ 11 B
623 B 1055ms
668ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hub.orthemes.com/static/themes/themeforest/salbuta/state.json

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.30

Resource Hash

a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.groupchaton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.groupchaton.com
accept: text/plain; charset=UTF-8
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybC7YQqcuTM%2FOWzzdm5a6wAE6rC%2Bcd%2BF17G6B3roZcrwWrluuWf%2BzcuB7cv4XXdVBbs3aMGPFFs7gqNavIMSug57zidRPb%2FF9gqoPyH3kRYLFd9RIYaSJsSy0RIBWrq3YAhO"}],"group":"cf-nel","max_age":604800}
cf-ray: 82a6111babe15b2c-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 1005ms
201ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E18KHMPRKE

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fbd2ad63c7bec3ac61040c96952bb4e32c267507b63e2de12a32a75d4646b3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 02:43:50 GMT

GET
H2 200 ZXu9e04ZvKeOOHIe1TMahbcIU2cgqcTgoA.woff2
fonts.gstatic.com/s/jacquesfrancois/v24/ 28 KB
29 KB 728ms
51ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jacquesfrancois/v24/ZXu9e04ZvKeOOHIe1TMahbcIU2cgqcTgoA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jacques%20Francois:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

a19bfa0403a589030bd05ca1a59feb75040c20a58a9f582bbafa34e1b514d964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.groupchaton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:21:07 GMT
x-content-type-options: nosniff
age: 458563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28784
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:02:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 19:21:07 GMT

GET
H2 200 Logopit_1675597992062.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI8D7O-qLE4l2NOCwEEOPSH7q99MjESySY06fzwerEVNlVxZP5bGby4f-5oUuTCAT3s05xb1oxJqQ7iApjYb31IZFh6U56qegRQQmHdIjmsaPTNchrvA8nBv-K-wDYKxdpYXIau_E_8VOVwzIT... 6 KB
6 KB 605ms
604ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI8D7O-qLE4l2NOCwEEOPSH7q99MjESySY06fzwerEVNlVxZP5bGby4f-5oUuTCAT3s05xb1oxJqQ7iApjYb31IZFh6U56qegRQQmHdIjmsaPTNchrvA8nBv-K-wDYKxdpYXIau_E_8VOVwzIT60TD4lcayJnZx_mhGvF6IcECv9KgPzjSCXUqtCwfwIf8/s436/Logopit_1675597992062.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

339c136808fa0c96ae1aaa97ae95706ae4fd565ae13bd32f8ed8c2eb7b3d7554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1a2fe"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Logopit_1675597992062.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6324
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:50 GMT

GET
H2 204 banner.php
youradexchange.com/script/ 0
0 731ms
167ms Fetch 172.64.100.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=6809478&cbpage=https%3A%2F%2Fwww.groupchaton.com%2F&cbref=&cbdescription=On%20our%20website%20we%20collect%20and%20post%20related%20various%20group%20links%2C%20Cashback%20Offers%2C%20Manhwa%2C%20etc.%20Don%E2%80%99t%20forget%20to%20share%20this%20information%20with%20others&cbkeywords=&cbtitle=GroupChatOn&srs=3e62fcb966a46a42d0089be05e5163ea&atv=38.2
Requested by: Host: onclickalgo.com
URL: https://onclickalgo.com/a/display.php?r=6809478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.100.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bgL4t2%2FlBHJf0gXPjnYMt7%2FQr%2FqBZzJ7Sj4Z7O1TwufqAeNVlSB%2FgrLziKKvdI4qZPiiAozLfr%2BaiSVO%2Bgsbp1%2F8mPYYHdR9FsRpY5PUochy6NBo4XthJAVyTGnrnlmAdwHLUQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 82a61123982d18e4-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2

200

banner.js Show response
velocecdn.com/script/
Redirect Chain

https://onclickalgo.com/a/display.php?r=6809478
https://velocecdn.com/script/banner.js?r=6809478

105 KB
35 KB

55ms
55ms

Script
text/javascript

104.17.173.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/banner.js?r=6809478
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Server: 104.17.173.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fca84f1c50450a379b0583bafe60cf2053a2ab67bc378968b8ff7a88b6b326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3424
x-guploader-uploadid: ABPtcPrSO6WExzUsLbHFL_fN3LO0lNE65OgTkXTmekiU0VJIMFe3EJq1SanPaSUODnW5EzHSVRM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Nov 2023 09:26:36 GMT
server: cloudflare
etag: W/"b48e6ae2b21e3be11f21ac4c042f70c3"
vary: Accept-Encoding
x-goog-hash: crc32c=OkCa6Q==, md5=tI5q4rIeO+EfIaxMBC9www==
x-goog-generation: 1700558796163159
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 107419
cf-ray: 82a61122199e9a0b-FRA
expires: Thu, 23 Nov 2023 06:43:50 GMT

Redirect headers

date: Thu, 23 Nov 2023 02:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://velocecdn.com/script/banner.js?r=6809478
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pftKlNCM3HpuArxvNc358GnIBV7GvqEL2%2BCanYcUtNycY2lUhE0Y4MoEaY5SnENYITmxZZw%2F%2BbeilhwiJRACL4khCJoxtSaV%2FfVYsQHlKETMFspNVUn2FGMYb9GI%2B%2BlIStQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 82a61120a8b21965-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
136 KB 436ms
60ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5935207738848708&plah=www.groupchaton.com&bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5935207738848708&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0e89e5bd5236b998c2c6bc85d4c5b29b3d5e6280795e0b19b87a19b9913bef91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138525
x-xss-protection: 0
server: cafe
etag: 6692854145241390473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 02:43:50 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 44B0 9 KB
4 KB 451ms
30ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5935207738848708&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.groupchaton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Interior%20Design.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEu_I7ga85q_H_vIIrF_AgFTlf5E_C_PxzyKJe9EV161_lti6dJIU2SW-MvemSX0EEaJ0xzdWJOlzDj2AUCmnVJsYvNu0p5TZc-nhYiHln_OLYFQ0wC1ThFSQFRjBmo4uN2xqZdBdxcZVjny2O... 16 KB
17 KB 499ms
415ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEu_I7ga85q_H_vIIrF_AgFTlf5E_C_PxzyKJe9EV161_lti6dJIU2SW-MvemSX0EEaJ0xzdWJOlzDj2AUCmnVJsYvNu0p5TZc-nhYiHln_OLYFQ0wC1ThFSQFRjBmo4uN2xqZdBdxcZVjny2OyomyzHB86NRa4bjNumYU2T65tx81wU8_CeHp9ik2fA/w350/Interior%20Design.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

a38c9299372fbc32480519441f847ae797ad375a163b486225a64942eb395f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b477"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Interior Design.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16779
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:51 GMT

GET
H2 200 Web%20Studio.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjItKyqWMjZuPEcepqOJK8Tf6urjRfh4X7UcIXNR4v32xnaGXnTyk_yl28T96NMGBic2SXDF6_UKLOZDD_vGKE5v6GMnFVyoIfQKloRJ5nE1WJJWbTU4RP23OaUq1ni3spipq7fb879u-G049BK... 16 KB
16 KB 300ms
217ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjItKyqWMjZuPEcepqOJK8Tf6urjRfh4X7UcIXNR4v32xnaGXnTyk_yl28T96NMGBic2SXDF6_UKLOZDD_vGKE5v6GMnFVyoIfQKloRJ5nE1WJJWbTU4RP23OaUq1ni3spipq7fb879u-G049BKz-ZBde7nBiQUYB2Wg2N6avGe-frJyvzWuRwqdLXpTQ/w350/Web%20Studio.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

c0c0cf47551547ec87b36a3521c4f2b2a29aa769634ae6aa5d392cd219fa516d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b475"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Web Studio.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16400
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 436ms
47ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E18KHMPRKE&gtm=45je3b81v9134772197&_p=1700707429317&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1286758953.1700707431&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1700707430&sct=1&seg=0&dl=https%3A%2F%2Fwww.groupchaton.com%2F&dt=GroupChatOn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4975
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E18KHMPRKE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:43:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.groupchaton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 banner.php
youradexchange.com/script/ 0
0 317ms
160ms Fetch 172.64.100.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=6809478&cbpage=https%3A%2F%2Fwww.groupchaton.com%2F&cbref=&cbdescription=On%20our%20website%20we%20collect%20and%20post%20related%20various%20group%20links%2C%20Cashback%20Offers%2C%20Manhwa%2C%20etc.%20Don%E2%80%99t%20forget%20to%20share%20this%20information%20with%20others&cbkeywords=&cbtitle=GroupChatOn&srs=3e62fcb966a46a42d0089be05e5163ea&atv=38.2
Requested by: Host: onclickalgo.com
URL: https://onclickalgo.com/a/display.php?r=6809478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.100.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TZqBRjhSX%2FGMzzBfTml3459kOhqu8PeFYn94CWJkDsCJCwHZtEmX2%2F0ZATcSRDwjy81kf1cIDGEs6yrZQivFFHuHYsmW8ANpXw7FxrU8H3XPMJzCCLKp7aT0OO7o%2BjmmVK7sz0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 82a61123982e18e4-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2

200

banner.js Show response
velocecdn.com/script/
Redirect Chain

https://onclickalgo.com/a/display.php?r=6809478
https://velocecdn.com/script/banner.js?r=6809478

105 KB
35 KB

52ms
50ms

Script
text/javascript

104.17.173.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/banner.js?r=6809478
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Server: 104.17.173.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fca84f1c50450a379b0583bafe60cf2053a2ab67bc378968b8ff7a88b6b326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3425
x-guploader-uploadid: ABPtcPrSO6WExzUsLbHFL_fN3LO0lNE65OgTkXTmekiU0VJIMFe3EJq1SanPaSUODnW5EzHSVRM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Nov 2023 09:26:36 GMT
server: cloudflare
etag: W/"b48e6ae2b21e3be11f21ac4c042f70c3"
vary: Accept-Encoding
x-goog-hash: crc32c=OkCa6Q==, md5=tI5q4rIeO+EfIaxMBC9www==
x-goog-generation: 1700558796163159
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 107419
cf-ray: 82a61123ca649a0b-FRA
expires: Thu, 23 Nov 2023 06:43:51 GMT

Redirect headers

date: Thu, 23 Nov 2023 02:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://velocecdn.com/script/banner.js?r=6809478
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhMSrxLpxDo9GYPswjfcdWGbhqktMku1RYpMIyycoWprIRejsCa1Qm6FOg%2BRHtQhw2PaOYjKwqwj6LWH8I4yLCCIURDzNcqAO%2FIdRR6CNTI7ZlFsclGrj%2Bmc8Bp8kfK2xi0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 82a6112299fd1965-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 Gardening.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjChnHTSBRHizmuAYtAqK7LpcPdPiHxdhqRDlEzyNEpdwyDjK0aSVvwjxh_EZHHpTbP8LVvu5vEVNnIOE6QJL1sHz8hhk5UZeruviYitEEIUI21DR1OhIORJ9DygsUcW2I20ZiFXgTmoetssEcp... 16 KB
16 KB 435ms
433ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjChnHTSBRHizmuAYtAqK7LpcPdPiHxdhqRDlEzyNEpdwyDjK0aSVvwjxh_EZHHpTbP8LVvu5vEVNnIOE6QJL1sHz8hhk5UZeruviYitEEIUI21DR1OhIORJ9DygsUcW2I20ZiFXgTmoetssEcpMYhlnGIGSR913GRMKVTpmEqJJT9bGzrcLE_Hz0qQcQ/w350/Gardening.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

e15a271a20dc4f7481629cf82b1911bda426863cbe97edfb3cc90c92375d155f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b473"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gardening.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16080
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:51 GMT

GET
H2 200 Programming.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB4TvjORv2zIJ1RxTYutmAPuMEpgwTPKvZ5kNf-DxL87yuHQfsU8BR4IuYJOubxRsDbWdSY9nVrbB15aQHFDcYgKJL3_v0ql1GpgrkHyiV07uS-ixFKRUmvvmKPrsJ-TBFQGX0qdqVN5ioha4H... 16 KB
16 KB 426ms
425ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB4TvjORv2zIJ1RxTYutmAPuMEpgwTPKvZ5kNf-DxL87yuHQfsU8BR4IuYJOubxRsDbWdSY9nVrbB15aQHFDcYgKJL3_v0ql1GpgrkHyiV07uS-ixFKRUmvvmKPrsJ-TBFQGX0qdqVN5ioha4Hk9MW1zkzGxa8qPw5LnHXlOVlQr3-Xl454eFIq6ez-A/w350/Programming.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

0dfb7d3fa37c9a7b0e628b9e3949b94777cea7437a6165ac3aed6beec4907086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b46f"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Programming.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16211
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:51 GMT

GET
H2 200 Websites.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6foXUoM_OHkG6YfAwQiJivIoD8d25l84Wbtp7yKZK5zXHYAm--VbQQJYLMRexxXDx4Oll-zUQPCBfa8vvr2wNXcQcW5QBkr-hGaAufXrZ-3z4xTYBZwiaE7YAW3kCSNfEUx5wOjlHBujjoM-4... 16 KB
16 KB 446ms
445ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6foXUoM_OHkG6YfAwQiJivIoD8d25l84Wbtp7yKZK5zXHYAm--VbQQJYLMRexxXDx4Oll-zUQPCBfa8vvr2wNXcQcW5QBkr-hGaAufXrZ-3z4xTYBZwiaE7YAW3kCSNfEUx5wOjlHBujjoM-4o4sMuxl8ajbespKzsPhLhAdxrgOIEB-Qi5oX_UbBug/w350/Websites.png

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

f04f0f259c14d3b591fd3d7b1d8a1315907432790d10976445fb7e6e49dbde20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1b46d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Websites.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16139
x-xss-protection: 0
expires: Fri, 24 Nov 2023 02:43:51 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7853 603 B
218 B 78ms
75ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5935207738848708&output=html&adk=1812271804&adf=3025194257&lmt=1700646590&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.groupchaton.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700707430492&bpp=22&bdt=1874&idt=611&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4557500775960&frm=20&pv=2&ga_vid=1286758953.1700707431&ga_sid=1700707431&ga_hid=1207760149&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079653%2C44807764%2C44808149%2C44808285%2C44809055%2C44809072%2C318512601&oid=2&pvsid=3900200150148938&tmod=857327945&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=687

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5935207738848708&plah=www.groupchaton.com&bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.groupchaton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 02:43:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 banner.php
youradexchange.com/script/ 0
0 155ms
154ms Fetch 172.64.100.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=6809478&cbpage=https%3A%2F%2Fwww.groupchaton.com%2F&cbref=&cbdescription=On%20our%20website%20we%20collect%20and%20post%20related%20various%20group%20links%2C%20Cashback%20Offers%2C%20Manhwa%2C%20etc.%20Don%E2%80%99t%20forget%20to%20share%20this%20information%20with%20others&cbkeywords=&cbtitle=GroupChatOn&srs=3e62fcb966a46a42d0089be05e5163ea&atv=38.2
Requested by: Host: onclickalgo.com
URL: https://onclickalgo.com/a/display.php?r=6809478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.100.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zPWrqYrhB0MqbU66YKVmm6f8DIUcqfCg%2B6rXsrrLO%2FEPVOcfsahfgaRhTJNmzBP%2BJHy%2Fvk%2BDrt%2FTyhK0e07DUYBBE0aIPhSK%2F%2FEgHzPlP9K%2F5tb9nOaR6J2eqDzEYptn6Dqy64%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 82a6112518ec18e4-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 43ms
43ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

121daff8d6f5617c77ddf9d2479d02990a2ab54ba9f6837b790fbb59b834865b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52682
x-xss-protection: 0
server: cafe
etag: 8921961745862409530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 02:43:51 GMT

GET
H2

200

AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436
web.archive.org/web/20230806074004im_/https://blogger.googleusercontent.com/img/a/
Redirect Chain

https://web.archive.org/web/20230323173631im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk...
https://web.archive.org/web/20230806074004im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk...

6 KB
9 KB

2839ms
2838ms

Image
image/png

207.241.237.3
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.archive.org/web/20230806074004im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436

Requested by

Host: www.groupchaton.com
URL: https://www.groupchaton.com/

Protocol

Server

207.241.237.3 Pleasanton, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

Software

nginx/1.25.1 /

Resource Hash

339c136808fa0c96ae1aaa97ae95706ae4fd565ae13bd32f8ed8c2eb7b3d7554

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org analytics.archive.org pragma.archivelab.org

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-archive-orig-access-control-expose-headers: Content-Length
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org analytics.archive.org pragma.archivelab.org
x-rl: 0
x-archive-orig-vary: Origin
content-disposition: inline;filename="Logopit_1675597992062.png"
memento-datetime: Sun, 06 Aug 2023 07:40:04 GMT
server-timing: captures_list;dur=496.578395, exclusion.robots;dur=0.121074, exclusion.robots.policy;dur=0.112880, cdx.remote;dur=0.054423, esindex;dur=0.007875, LoadShardBlock;dur=447.043100, PetaboxLoader3.datanode;dur=221.379591, PetaboxLoader3.resolve;dur=2154.217547, load_resource;dur=2152.190009
x-archive-orig-etag: "v1a13e"
referrer-policy: no-referrer-when-downgrade
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-cache-control: public, max-age=86400, no-transform
content-type: image/png
cache-control: max-age=1800
link: <https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="original", <https://web.archive.org/web/timemap/link/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="timegate", <https://web.archive.org/web/20230806074004/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="first memento"; datetime="Sun, 06 Aug 2023 07:40:04 GMT", <https://web.archive.org/web/20230806074004/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="memento"; datetime="Sun, 06 Aug 2023 07:40:04 GMT", <https://web.archive.org/web/20230806074004/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436>; rel="last memento"; datetime="Sun, 06 Aug 2023 07:40:04 GMT"
date: Thu, 23 Nov 2023 02:43:55 GMT
x-app-server: wwwb-app216
x-location: All
x-archive-orig-alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-nid: -
content-length: 6324
x-archive-src: spn2-20230806075756/spn2-20230806073757-wwwb-spn24.us.archive.org-8000.warc.gz
x-ts: 200
x-archive-guessed-content-type: image/png
x-archive-orig-server: fife
server: nginx/1.25.1
x-tr: 2661
x-na: 0
x-archive-orig-x-xss-protection: 0
x-page-cache: MISS
permissions-policy: interest-cohort=()
x-archive-orig-date: Sun, 06 Aug 2023 07:40:04 GMT
x-archive-orig-content-length: 6324
accept-ranges: bytes
x-archive-orig-expires: Mon, 07 Aug 2023 07:40:04 GMT

Redirect headers

date: Thu, 23 Nov 2023 02:43:52 GMT
x-rl: 0
x-app-server: wwwb-app209
x-location: All
x-nid: -
server-timing: captures_list;dur=210.727548, exclusion.robots;dur=0.171617, exclusion.robots.policy;dur=0.157779, cdx.remote;dur=0.075147, esindex;dur=0.012625, LoadShardBlock;dur=140.692852, PetaboxLoader3.datanode;dur=57.651991
content-length: 0
x-archive-redirect-reason: found capture at 20230806074004
x-ts: 302
referrer-policy: no-referrer-when-downgrade
server: nginx/1.25.1
x-tr: 217
x-na: 0
content-type: text/plain; charset=utf-8
location: https://web.archive.org/web/20230806074004im_/https://blogger.googleusercontent.com/img/a/AVvXsEhIIJS8RzSmOcjCieTMewSCqpheX-K3VCJcMj2HeKArzxofnkmWoL8p9KmAjMt0D2xTZM_vJNZTeuqorxXMgfKsFZjw_QWPgYaCamk0FZB1KBh_2v_FiNVB8owTojqnGXDontqi3AVQ0ITkmgWDgLOHosVHDn_p7IoLrAKoJ6Sg-kBlveZfWmu1n3OvRQ=s436
x-page-cache: MISS
permissions-policy: interest-cohort=()

GET
DATA 200
OK truncated
/ 234 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff31b118a9f37fd346422ceb63b716ae26baf3bd187d583e1258ec15a33ef006

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 native_render.js Show response
superonclick.com/script/ 4 KB
2 KB 449ms
51ms Script
application/javascript 104.21.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_render.js
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.41.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3565
x-guploader-uploadid: ABPtcPoLuVMCpncG8Pvp0gW5wGmPnl_WBP-o5_4QGV1Lu8RnC_084lN9Nn6ZDiqBgD6lmnKORYev8PxP28w0G0aV__Iwxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
server: cloudflare
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
vary: Accept-Encoding
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-generation: 1550052950916101
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkTbWdABTjAVqisnpVFM69uHfDDf6hPKBIR1mGPPJeY%2Bwa5gIcFOBmJ0SJ1ylKOJbO%2F6m5hROKUDPjkZleZLM7zCJ4iaL2hJcsksovCSoYfhdpN%2FHb%2FYnDckuzP2E1RMcZzn"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 4285
cf-ray: 82a6112a8e4c30e2-FRA
expires: Thu, 23 Nov 2023 02:11:05 GMT

GET
H2 200 native_server.js Show response
superonclick.com/script/ 9 KB
3 KB 450ms
53ms Script
application/javascript 104.21.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_server.js
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.41.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414
x-guploader-uploadid: ABPtcPr_2HC9c6rXi_MardpSSdnzwn8pPfCX0Xh7KpKK9wceNQO7149juCITBP6cU8TX4kAUtgimpOXQ69dCP-BpN08UbQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
server: cloudflare
etag: W/"51d87e9ebd831fccab6a016079a60793"
vary: Accept-Encoding
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-generation: 1550052952705094
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgsWay%2FSV9sRWmYoVxMAM57r38TykKgT2oGfEd8ij4BX2VspFIUXfc6%2FT26zFeE7jE8dgrH%2BGGLBLHaa0wW%2BtiEqSRt03MlweS9%2FYZ4B1HCmtWI%2F4DGj98j8Z0V5RHn2ITvJ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9260
cf-ray: 82a6112a8e4b30e2-FRA
expires: Thu, 23 Nov 2023 03:04:15 GMT

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 8CA8 2 KB
1 KB 525ms
145ms Document
text/html 104.21.46.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer: https://www.groupchaton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a611307a2d3647-FRA
content-encoding: br
content-type: text/html
date: Thu, 23 Nov 2023 02:43:53 GMT
last-modified: Tue, 15 May 2018 06:39:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WICxQizieDGHqSn1dOhPAtp4NnEsuGl1nfOeUaXzk3mLtE%2FB5mxg4g3xddK6QPGbyVtSEiP%2BJpgx9viW7DQ5Tlaob5FUER750%2FfFBeqPDBH887UT%2BgOXWEOpee0G"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 native.php Show response
discovernative.com/script/ 0
479 B 548ms
157ms Script
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/native.php?nwpsv=1&r=6833302&cbrandom=0.5772496410250407&cbWidth=1600&cbHeight=1200&cbtitle=GroupChatOn&cbref=&cbdescription=On%20our%20website%20we%20collect%20and%20post%20related%20various%20group%20links%2C%20Cashback%20Offers%2C%20Manhwa%2C%20etc.%20Don%E2%80%99t%20forget%20to%20share%20this%20information%20with%20others&cbkeywords=&cbiframe=0&&callback=jsonp723791
Requested by: Host: www.groupchaton.com
URL: https://www.groupchaton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.groupchaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:43:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrW2lVJkQz%2BJVRhfMi43vSijem8M3sp2ssVZ73VEv%2Fr%2FjS%2F84ufNVDPQRtakqG35lHFgNNBb%2BmQawklG4PCj%2Fjd6mR9QqtxIkEkqsyzqJxsX%2BxUxRovoLmeXUTn4oIoeNFrzAgY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 82a61131cff865cc-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acscdn.com
URL: https://acscdn.com/script/atg.js

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.groupchaton.com/	1970-01-21 02:01:07	Name: _ga_E18KHMPRKE Value: GS1.1.1700707430.1.0.1700707430.0.0.0
.groupchaton.com/	1970-01-21 02:01:07	Name: _ga Value: GA1.1.1286758953.1700707431
.doubleclick.net/	1970-01-20 16:25:08	Name: test_cookie Value: CheckForPermission
www.groupchaton.com/	1970-01-20 17:51:31	Name: adcashufpv3 Value: 762061422350952180807835321

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5935207738848708&output=html&adk=1812271804&adf=3025194257&lmt=1700646590&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.groupchaton.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700707430492&bpp=22&bdt=1874&idt=611&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4557500775960&frm=20&pv=2&ga_vid=1286758953.1700707431&ga_sid=1700707431&ga_hid=1207760149&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079653%2C44807764%2C44808149%2C44808285%2C44809055%2C44809072%2C318512601&oid=2&pvsid=3900200150148938&tmod=857327945&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=687 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
blogger.googleusercontent.com
discovernative.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
group4whatsapp.co
hub.orthemes.com
onclickalgo.com
pagead2.googlesyndication.com
region1.google-analytics.com
seals.ssltrust.com.au
superonclick.com
ufpcdn.com
velocecdn.com
web.archive.org
www.blogger.com
www.googletagmanager.com
www.groupchaton.com
www.gstatic.com
youradexchange.com
acscdn.com
104.17.173.62
104.21.41.60
104.21.46.210
142.250.185.226
142.250.186.104
142.250.186.115
142.250.186.129
142.250.186.42
142.250.186.73
169.150.247.36
172.217.16.130
172.217.18.3
172.64.100.11
172.67.205.138
188.114.96.3
188.114.97.3
207.241.237.3
216.239.32.36
216.239.34.21
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0dfb7d3fa37c9a7b0e628b9e3949b94777cea7437a6165ac3aed6beec4907086
0e89e5bd5236b998c2c6bc85d4c5b29b3d5e6280795e0b19b87a19b9913bef91
113713ca6bbfd0ba4c96ddd8454fddebba18772f72e113b8dc2672963dc9ebad
121daff8d6f5617c77ddf9d2479d02990a2ab54ba9f6837b790fbb59b834865b
25c15c1a43c3e928eab1e7bedfaa73cdea929a245a0f7a37ce3da03147efc74e
2714a67eafee7d9859b9ceb8441e48d890dcf2ac1c2c4ccbb01976ce47225b2a
339c136808fa0c96ae1aaa97ae95706ae4fd565ae13bd32f8ed8c2eb7b3d7554
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
3a2dd2a8f000b806cba073ffa25c2958dbe8409dd091e79409119470b5236831
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
72b56d06cc3995965996f7d90fd241e0a6fa1952474ddf2ded661ac20153c94b
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
82f3ba73eb0feec48ba0fca3df2e910a4ca9adcc125bd2e56bfa9ebbceea5756
9328e9e0fc10b7b7ef33d26ab770669599403cbae22dd965560f48a2602be1af
93fca84f1c50450a379b0583bafe60cf2053a2ab67bc378968b8ff7a88b6b326
a19bfa0403a589030bd05ca1a59feb75040c20a58a9f582bbafa34e1b514d964
a38c9299372fbc32480519441f847ae797ad375a163b486225a64942eb395f74
a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e
a95a75b99a078a911e7d2bbe867ca013cd313ab867faec96e9c32e85bcf6a56d
b3100729ce1cc3d96321de58a4a4e648783da7d4c1f57af936864b6669d1859c
be0fed54454a5a8b55199ac9708ffe00fbd3385f76df6ce6f4abf8b21bbe02ff
c0c0cf47551547ec87b36a3521c4f2b2a29aa769634ae6aa5d392cd219fa516d
ccbafa06c6466bb24b0c6f7a3d4151b22d79b2b4549df1571535090e990f2368
d2faefc17e088c9384132d21080e6628e80e2f8e30794e115909b045bb6d3b4b
df44ba8e9168b5c7194188d6c465bb3b8361a059de9816682896b367547e1c3a
e15a271a20dc4f7481629cf82b1911bda426863cbe97edfb3cc90c92375d155f
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04f0f259c14d3b591fd3d7b1d8a1315907432790d10976445fb7e6e49dbde20
fbd2ad63c7bec3ac61040c96952bb4e32c267507b63e2de12a32a75d4646b3cf
fc3d33ee5d7720ce3b32d06fceaf253e4ec6b7df6d41e3b1ac342814d2fbee05
ff31b118a9f37fd346422ceb63b716ae26baf3bd187d583e1258ec15a33ef006
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

www.groupchaton.com Open in urlscan Pro 142.250.186.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

88 %HTTPS

0 %IPv6

20 Domains

21 Subdomains

18 IPs

4 Countries

2169 kBTransfer

4967 kBSize

4 Cookies

12 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.groupchaton.com Open in urlscan Pro
142.250.186.115 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

88 %
HTTPS

0 %
IPv6

20
Domains

21
Subdomains

18
IPs

4
Countries

2169 kB
Transfer

4967 kB
Size

4
Cookies

42 HTTP transactions
1 data transactions