farscogroup.online Open in urlscan Pro
2606:4700:3033::6815:1fd8  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://uqr.to/pdffile Page URL
2. https://farscogroup.online/ Page URL
3. https://farscogroup.online/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	pdffile Show response uqr.to/	2 KB 2 KB	750ms 232ms	Document text/html	13.58.57.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uqr.to/pdffile Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.58.57.95 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-58-57-95.us-east-2.compute.amazonaws.com Software Apache / Resource Hash af74f1f54a0d204022667f7b69c53b5fcdcb41f4fd7076740c7a168ae9116ae3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.uqr.me *.uqr.to *.qrcodekit.com *.odisee.be *.kuleuven.cloud Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, private, max-age=2592000 Connection Keep-Alive Content-Encoding gzip Content-Length 780 Content-Security-Policy frame-ancestors 'self' *.uqr.me *.uqr.to *.qrcodekit.com *.odisee.be *.kuleuven.cloud Content-Type text/html; charset=UTF-8 Date Thu, 09 Nov 2023 13:24:50 GMT Expires Sat, 09 Dec 2023 13:24:50 GMT Keep-Alive timeout=10, max=500 Permissions-Policy geolocation=self Referrer-Policy strict-origin Server Apache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options deny X-Robots-Tag noindex, nofollow X-XSS-Protection 1; mode=block
GET H2	200	gtm.js Show response www.googletagmanager.com/	201 KB 71 KB	39ms 16ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl Requested by Host: uqr.to URL: https://uqr.to/pdffile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 27eb4f5f20b6be8efa5fc1e16c931d96f908d93afabc53168c77d70b1a8e3941 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72751 x-xss-protection 0 last-modified Thu, 09 Nov 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 09 Nov 2023 13:25:06 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	216 KB 77 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6fabd2eb868b8f1fd49c89a903f581815c172844cae171fc033189f42ea076df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78718 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 09 Nov 2023 13:25:07 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	31ms 6ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 09 Nov 2023 11:49:42 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5725 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 09 Nov 2023 13:49:42 GMT
POST H2	200	collect www.google-analytics.com/j/	3 B 202 B	16ms 15ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=269598597&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2Fpdffile&ul=en-us&de=UTF-8&dt=QR%20code%203&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=78707090&gjid=2101955052&cid=107048844.1699536307&tid=UA-18982026-1&_gid=1421311408.1699536307&_slc=1&gtm=45He3b60n81NSZ7GSJv77487432&cd1=1&cd2=1051774&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1953427920 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://uqr.to/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 09 Nov 2023 13:25:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect stats.g.doubleclick.net/j/	4 B 70 B	67ms 20ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18982026-1&cid=107048844.1699536307&jid=78707090&gjid=2101955052&_gid=1421311408.1699536307&_u=YGBAgEABAAAAAGAAI~&z=1342945107 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://uqr.to/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 09 Nov 2023 13:25:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/j/	3 B 68 B	14ms 13ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=269598597&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2Fpdffile&ul=en-us&de=UTF-8&dt=QR%20code%203&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAGAAI~&jid=749880895&gjid=934654773&cid=107048844.1699536307&tid=UA-18982026-3&_gid=1421311408.1699536307&_slc=1&gtm=45He3b60n81NSZ7GSJv77487432&cd1=1051774&cd2=%20-%20test&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=454518218 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://uqr.to/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 09 Nov 2023 13:25:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect stats.g.doubleclick.net/j/	4 B 343 B	63ms 19ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18982026-3&cid=107048844.1699536307&jid=749880895&gjid=934654773&_gid=1421311408.1699536307&_u=YGDAgEABAAAAAGAAI~&z=1305686701 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://uqr.to/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 09 Nov 2023 13:25:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 248 B	39ms 16ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-0DWYM481N5&gtm=45je3b60v9118958276z877487432&_p=1699536306896&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=107048844.1699536307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699536307&sct=1&seg=0&dl=https%3A%2F%2Fuqr.to%2Fpdffile&dt=QR%20code%203&en=page_view&_fv=1&_ss=1&tfd=943 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Thu, 09 Nov 2023 13:25:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	38ms 21ms	Ping text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DWYM481N5&cid=107048844.1699536307&gtm=45je3b60v9118958276z877487432&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Thu, 09 Nov 2023 13:25:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://uqr.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	53ms 30ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DWYM481N5&cid=107048844.1699536307&gtm=45je3b60v9118958276z877487432&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=240892047 Requested by Host: uqr.to URL: https://uqr.to/pdffile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://uqr.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Thu, 09 Nov 2023 13:25:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ farscogroup.online/	0 0
GET H2	403	/ Show response farscogroup.online/	6 KB 5 KB	61ms 16ms	Document text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/ Requested by Host: uqr.to URL: https://uqr.to/pdffile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42d93ce465fbd7af0d715027bd71c926ec096501537645b7e5fe75ed65969de5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://uqr.to/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 8236613f8fc2924a-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 09 Nov 2023 13:25:07 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUOYPUvUxfzrWk1kZu436JumH6V7yoeiYni7fbGTCurVhiD%2BJJEu3COzEQfWd%2BUtoEVM%2BJmnGG6hSFNmx1Jp0Hk%2BvML1WUtGlfthkvq%2FQFPwI8ZzdYJ2%2BEA3Fwkv%2FNM99oa%2BFFSzBDXmtVe64O0MMKA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET		ga-audiences www.google.com/ads/	0 0
GET		ga-audiences www.google.de/ads/	0 0
GET		ga-audiences www.google.com/ads/	0 0
GET		ga-audiences www.google.de/ads/	0 0
GET H2	200	challenges.css farscogroup.online/cdn-cgi/styles/	6 KB 3 KB	12ms 9ms	Stylesheet text/css	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/styles/challenges.css Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Nov 2023 16:16:02 GMT server cloudflare etag W/"654bb442-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 8236613fc83f924a-FRA expires Thu, 09 Nov 2023 15:25:07 GMT
GET H3	200	v1 Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	168 KB 58 KB	27ms 27ms	Script application/javascript	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8236613f8fc2924a Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f2448ad568f4bd80609c54901d4db98d3c24472f2cf12f803ac5c9761ed4602 Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/?__cf_chl_rt_tk=wwu8qVw3Njq2A.re6srvL_thudGkd5ILOUvTsNLa2C4-1699536307-0-gaNycGzNDVA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNHreljcVkyzwSB8nCT7Kx3e3RkELDCYtlyt8wwgBIMck6q%2BqMFRrpRaNnPUUSoH%2FqgAvSj8ilky%2Fc6xBPyH0kJ0%2FyjOTyueO8UuxYenqU461IwDZAuqJLA4v6Qnmw3kRZ7Lj4PLzQURsFjGliUozpE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8236613ff8129bce-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	52ms 35ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8236613f8fc2924a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://farscogroup.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 823661406fd51a86-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico farscogroup.online/	6 KB 6 KB	13ms 12ms	Image text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://farscogroup.online/favicon.ico Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24e31adcbd6544780612d19e5d1b7cc83580c2ee8f89269de4f601172a0ad1b3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgKYd6ZLUhCYHg1MkpC285fN9lci3Lbt6Dncey7oPLLyEd6w0N%2FxaH8UlazNko73of9X7VAjYYA0v0UixhF7nkXZ1nh9mUlC2kazBHSFZfm%2B7SHSKFbea8AgmPYpbMXbFNWToeApijkQ0lEA4gJ0QzI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 8236614048939bce-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	30bbecdd-ec86-4326-9df1-038978ea44bb https://farscogroup.online/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://farscogroup.online/30bbecdd-ec86-4326-9df1-038978ea44bb Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	47fcc53dcdb798a Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1053276743:1699531704:SLy39RYUMqS0hRDTG_xI3OEK66V0HTeuZ98PxizFZLE/8236613f8fc2924a/	12 KB 10 KB	28ms 27ms	XHR text/plain	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1053276743:1699531704:SLy39RYUMqS0hRDTG_xI3OEK66V0HTeuZ98PxizFZLE/8236613f8fc2924a/47fcc53dcdb798a Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8236613f8fc2924a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41645cb1d03a691becc76023f7c4c5037bb623f2b0cd2f49bd252bda08fb9358 Request headers Referer https://farscogroup.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 CF-Challenge 47fcc53dcdb798a Content-type application/x-www-form-urlencoded Response headers date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpFsn4gEawuMQ%2FtLv3ycyYw0GtwzsabrIgJeQ0xHYwcnBYUtIH5tnGy2%2Bk6j4h%2FtsRBgaZADcid6tRw6H02hkO3%2FXuLdobaEsnsO24ygLbfGjTGsaMCYz5gaIHnCnWpOnr%2Fkioy49rd%2BTZaRKVjIHgY%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 82366140f96f9bce-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen zvRgDQMySmupKIzyT6pvzsxfJLbcU5qzb0tV02UqeRxvAu+2zrAjp7U9teRqykmI$GdIyi5AtszLlcPRxbYgYsQ==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ttd15/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 5C81	0 0	31ms 19ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ttd15/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 823661415ac61c44-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 09 Nov 2023 13:25:07 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	47fcc53dcdb798a Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1053276743:1699531704:SLy39RYUMqS0hRDTG_xI3OEK66V0HTeuZ98PxizFZLE/8236613f8fc2924a/	2 KB 2 KB	24ms 24ms	XHR text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1053276743:1699531704:SLy39RYUMqS0hRDTG_xI3OEK66V0HTeuZ98PxizFZLE/8236613f8fc2924a/47fcc53dcdb798a Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8236613f8fc2924a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6168843f9881660576f88329f664a372aa41af3387f4a446727c362e5291bca Request headers Referer https://farscogroup.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 CF-Challenge 47fcc53dcdb798a Content-type application/x-www-form-urlencoded Response headers cf-chl-out HndP37MkhKum6Z789RxrYDxd6mWy8plbVsiD+n0jEhBD6tO0vZ0eixRA68rdQcc4aAfOayIsrPvY2A86R/uCyugmbcGlcM9TBzrKGmPkK+s=$b7M+tyiOddFUaIPzbm41Tg== cf-chl-out-s oKNWPJqvGaGJWny64q7Gy66lAJ4KU8mwuDuzlDEDp3y4eoY4PDK7sSXhcylVAn85gji5kaVlpmsEH/4cJ+4DEFgxUimEcr+CG9MsODF2Xe7V7qs6t9ogkFXo5aB6SdhX15wgwdTBuJV9I0bow7USoQ==$/dyFIpitgvbhyrwqPinVJw== date Thu, 09 Nov 2023 13:25:07 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4eIWkChJA3ud7HZsNZWV%2BIWrNCZVfII8bl6KMkSkGPthKwKKHYEd%2FkeM5275ZdqpI17x%2BxV2GMTw64GsgoSflTsLTBQnD4WV65bvIkxrcRG6%2BTCs4Z6qUgF4lXOUCgd8Vw5TuoVPHD9URCksnYzG7M%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 82366142dc219bce-FRA alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request / Show response farscogroup.online/	6 KB 5 KB	13ms 13ms	Document text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/ Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8236613f8fc2924a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2045be28e1e5b8d17e01b36037b6d93efca085047d9ddfb940ac3dfd9b1ec5ec Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://farscogroup.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 82366153095e9bce-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 09 Nov 2023 13:25:10 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzIQV5QNCrfJkyzK1ZIDdBwiUMHFVssVBJX7R7EsHjEgyYbrqxvNIDT1Z5kjR7baRDB%2FNjoN2yXc783od4Q58LDAngKfW4Q4DaZ4vTK%2FGC1tmfrKnzWhgxx4dBxtcUfJzmQyVNmpXWya7YvuJQQVxWg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	challenges.css farscogroup.online/cdn-cgi/styles/	6 KB 3 KB	10ms 9ms	Stylesheet text/css	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/styles/challenges.css Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Nov 2023 16:16:02 GMT server cloudflare etag W/"654bb442-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 8236615329919bce-FRA expires Thu, 09 Nov 2023 15:25:10 GMT
GET H3	200	v1 Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	177 KB 61 KB	18ms 17ms	Script application/javascript	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82366153095e9bce Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00fcdc09c0361b20ea59fc65d0cc93d47c762b3e2d570678c02bd09aca43bf21 Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/?__cf_chl_rt_tk=S2ZVglmNvm4VD5hOdfR8.ytTjc_Y2Ov.WbO0Y5olYFM-1699536310-0-gaNycGzNCeU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Feb3T501pkf6AsfoZ%2FpD8GAFeh9FXmItgXzIfqWLc2pd6S63zcYDEKb1lc52AqHYN00nMKCsErMJtJrWLILL1BBX%2BdlEoACv5Gu4u6gOUCiZh6Q%2FSenebDqVLweejc1KUu3sgYhUHFmrw%2F6V8eD6R0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8236615349ca9bce-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	52ms 51ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82366153095e9bce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://farscogroup.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:10 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 823661539c751a86-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico farscogroup.online/	6 KB 6 KB	15ms 15ms	Image text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://farscogroup.online/favicon.ico Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f216f922865daabb6599fe5264c0c2726eb1d40e57cf45fdcd27771032befb0f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:25:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6nIjOIOGdR%2FQ7av7NN2Pib%2BVcfTRS%2BeseQCCQRePfXtF%2FFYPQSpnvSd0ks1H13bq%2FLyaj2gUXOm1X5YMi1vXH0IiDsczE5Xtl1PIJsK0xmceBcG8RhCZKOcKBq6n4u2f%2FDWhjdeg1YZ3REqpkM0DYo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 823661539a479bce-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	ec35d9ec-d80b-4957-a0a8-9fb3bc504e37 https://farscogroup.online/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://farscogroup.online/ec35d9ec-d80b-4957-a0a8-9fb3bc504e37 Requested by Host: farscogroup.online URL: https://farscogroup.online/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://farscogroup.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	d6b26b1f4e548c0 Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/485524923:1699535298:eILOsTgauO7Ex33u34AHY_E5EkAK8hLUA4n2DozaAS0/82366153095e9bce/	12 KB 10 KB	40ms 39ms	XHR text/plain	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/485524923:1699535298:eILOsTgauO7Ex33u34AHY_E5EkAK8hLUA4n2DozaAS0/82366153095e9bce/d6b26b1f4e548c0 Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82366153095e9bce Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 939c6c58679a3fb6e68c00b49d057a5067e1416990b96d41eb574f3a60623cc9 Request headers Referer https://farscogroup.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 CF-Challenge d6b26b1f4e548c0 Content-type application/x-www-form-urlencoded Response headers date Thu, 09 Nov 2023 13:25:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhhzEOkIZTBSoKKb351ctmX%2FFtl7vpAlGXHuMEhSQooCmdXn4DYrSjwkm7%2Btsh1vSdJJc2T3jD2ZznY9jZAlwwPWWaJT21sjXv3b%2BHksL%2B63Q8%2Fb37L3UyoJGcRW%2FnCnHs6iJEB8h%2B8DHekCAhrd0Uc%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 823661545b389bce-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen a82KsmYtJV331CdIJijdxjexscg3qn9IwhR9DcQukhZEmX1pWjLVGyRQUN1D+3fV$Knz8SWuFkvgXpfIdr+Pujw==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/53fg0/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame C38D	0 0	21ms 20ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/53fg0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82366154eb7d1c44-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 09 Nov 2023 13:25:10 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	d6b26b1f4e548c0 Show response farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/485524923:1699535298:eILOsTgauO7Ex33u34AHY_E5EkAK8hLUA4n2DozaAS0/82366153095e9bce/	2 KB 2 KB	30ms 29ms	XHR text/html	2606:4700:3033::6815:1fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://farscogroup.online/cdn-cgi/challenge-platform/h/g/flow/ov1/485524923:1699535298:eILOsTgauO7Ex33u34AHY_E5EkAK8hLUA4n2DozaAS0/82366153095e9bce/d6b26b1f4e548c0 Requested by Host: farscogroup.online URL: https://farscogroup.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82366153095e9bce Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3a714350c3ec7c65465df698d83da038b1559ef6e64eafbcb502c0b3ceb54ca Request headers Referer https://farscogroup.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 CF-Challenge d6b26b1f4e548c0 Content-type application/x-www-form-urlencoded Response headers cf-chl-out 87ttJP52R9l14CpAJaeNhVK/FG9bqyJFudVkhmO/shxie2i0cxpUkD8Hwd4UtlBngzw9la287jr70QQFIxVjPO3ePQZm6qXb9RsoEOFqzs0=$3PuZjXAbhJvHz2nwZ/dO5A== cf-chl-out-s 2edxtACcktIbBAcJwWWDaocZME+3vVFRqD/yafbYLjTiqi34N7NPXilpGZ6TMMNp0GdUIs5ODHv6Dhz+CahsX/BJRDVheWQSMnZUK7AqfbO+Xnqbkz1Yq4e3wXAMyiKZzhC3lOkGao0nc98EGJp04qGwZJcvZmJLQNdeW2rXZw+QJG4whdEthBmEe4CdJ4A4ZK0ANYrdqI83Lrlzkftp4XtLYfM3xLEGxHctYCGD88wo/HethKJpEFw76UteZYXe$SyQP4p/Ao/xDf7wOW0MN7g== date Thu, 09 Nov 2023 13:25:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJynKeq6gcdrU8UTcCM9%2F%2BFOumv2BCE0BTA6vEEUuNNroFOcVxZ%2F%2FLaDO2c9zfTZooy%2FXG5AwmNGnVwTL8t%2FV85tWUeepb1LDiOQNblJG6qWmSzOacLx1uFHFw4%2BnWL9nHuj9WmHTUkF5CpYqpClY4g%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 823661567db79bce-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

farscogroup.online

URL

https://farscogroup.online/

Domain

www.google.com

URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18982026-3&cid=107048844.1699536307&jid=749880895&_u=YGDAgEABAAAAAGAAI~&z=800755883

Domain

www.google.de

URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18982026-3&cid=107048844.1699536307&jid=749880895&_u=YGDAgEABAAAAAGAAI~&z=800755883

Domain

www.google.com

URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18982026-1&cid=107048844.1699536307&jid=78707090&_u=YGBAgEABAAAAAGAAI~&z=1501682665

Domain

www.google.de

URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18982026-1&cid=107048844.1699536307&jid=78707090&_u=YGBAgEABAAAAAGAAI~&z=1501682665

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| mgSMVQzBWl function| IyIbT4 function| FAIg1 boolean| WrwZ6 function| scUG3 function| SgWID6 function| LGYdpr9 function| FdoAsB7 object| nCiPQs6 object| BoUQfS8 object| turnstile boolean| CnXTHZ3 string| LPfb7

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uqr.to/	1970-01-20 16:05:38	Name: stat_session2768287 Value: 2dca29cd-9909-445e-b196-7e45638a1d4b
			uqr.to/	1970-01-20 16:48:48	Name: device_view Value: full
			.uqr.to/	1970-01-20 16:07:02	Name: _gid Value: GA1.2.1421311408.1699536307
			.uqr.to/	1970-01-20 16:05:36	Name: _dc_gtm_UA-18982026-1 Value: 1
			.uqr.to/	1970-01-20 16:05:36	Name: _dc_gtm_UA-18982026-3 Value: 1
			.uqr.to/	1970-01-21 01:41:36	Name: _ga_0DWYM481N5 Value: GS1.1.1699536307.1.0.1699536307.60.0.0
			.uqr.to/	1970-01-21 01:41:36	Name: _ga Value: GA1.1.107048844.1699536307
			farscogroup.online/	1970-01-20 16:05:39	Name: cf_chl_rc_m Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://farscogroup.online/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://farscogroup.online/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://farscogroup.online/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://farscogroup.online/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.uqr.me *.uqr.to *.qrcodekit.com *.odisee.be *.kuleuven.cloud
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
farscogroup.online
region1.analytics.google.com
stats.g.doubleclick.net
uqr.to
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
farscogroup.online
www.google.com
www.google.de
13.58.57.95
2001:4860:4802:32::36
2606:4700:3033::6815:1fd8
2606:4700::6811:3b8
2a00:1450:4001:80b::200e
2a00:1450:4001:829::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
00fcdc09c0361b20ea59fc65d0cc93d47c762b3e2d570678c02bd09aca43bf21
0f2448ad568f4bd80609c54901d4db98d3c24472f2cf12f803ac5c9761ed4602
2045be28e1e5b8d17e01b36037b6d93efca085047d9ddfb940ac3dfd9b1ec5ec
24e31adcbd6544780612d19e5d1b7cc83580c2ee8f89269de4f601172a0ad1b3
27eb4f5f20b6be8efa5fc1e16c931d96f908d93afabc53168c77d70b1a8e3941
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
41645cb1d03a691becc76023f7c4c5037bb623f2b0cd2f49bd252bda08fb9358
42d93ce465fbd7af0d715027bd71c926ec096501537645b7e5fe75ed65969de5
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
6fabd2eb868b8f1fd49c89a903f581815c172844cae171fc033189f42ea076df
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
939c6c58679a3fb6e68c00b49d057a5067e1416990b96d41eb574f3a60623cc9
af74f1f54a0d204022667f7b69c53b5fcdcb41f4fd7076740c7a168ae9116ae3
d3a714350c3ec7c65465df698d83da038b1559ef6e64eafbcb502c0b3ceb54ca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f216f922865daabb6599fe5264c0c2726eb1d40e57cf45fdcd27771032befb0f
f6168843f9881660576f88329f664a372aa41af3387f4a446727c362e5291bca
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa