urlscan.io logo urlscan.io
SecurityTrails logo

groupmediappv.info Open in urlscan Pro
2606:4700:30::681c:1713  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://groupmediappv.info/
Effective URL: https://groupmediappv.info/202-login.php
Submission: On January 25 via manual from AR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2606:4700:30::681c:1713, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is groupmediappv.info.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 25th 2018. Valid for: 6 months.
This is the only time groupmediappv.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 7 2606:4700:30:... 13335 (CLOUDFLAR...)
4 143.204.98.213 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 216.58.205.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 10
1    2606:4700:30::681c:1613 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
groupmediappv.info
7    2606:4700:30::681c:1713 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
groupmediappv.info
4    143.204.98.213 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-213.fra50.r.cloudfront.net
dp5k1x6z3k332.cloudfront.net
2    2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
4    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
3    2a00:1450:4001:81a::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81c::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
amp-error-reporting.appspot.com
Domain Requested by
8 groupmediappv.info 2 redirects groupmediappv.info
dp5k1x6z3k332.cloudfront.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
groupmediappv.info
4 dp5k1x6z3k332.cloudfront.net groupmediappv.info
dp5k1x6z3k332.cloudfront.net
3 cdn.ampproject.org securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
groupmediappv.info
2 www.googletagservices.com groupmediappv.info
securepubads.g.doubleclick.net
1 amp-error-reporting.appspot.com cdn.ampproject.org
1 pagead2.googlesyndication.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
25 10

This site contains links to these domains. Also see Links.

Domain
prosper.tracking202.com
Subject Issuer Validity Valid
sni79019.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-25 -
2019-07-03		 6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
misc-sni.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.appspot.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://groupmediappv.info/202-login.php
Frame ID: 491BA48B57394917CC66D629014B661D
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011901081935550/amp4ads-v0.js
Frame ID: DAEE93A55378BFFF8B8406E609C8FF77
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://groupmediappv.info/ HTTP 301
    https://groupmediappv.info/ HTTP 302
    https://groupmediappv.info/202-login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

25
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

1276 kB
Transfer

2306 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://groupmediappv.info/ HTTP 301
    https://groupmediappv.info/ HTTP 302
    https://groupmediappv.info/202-login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 202-login.php
groupmediappv.info/
Redirect Chain
  • http://groupmediappv.info/
  • https://groupmediappv.info/
  • https://groupmediappv.info/202-login.php
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0f64dda618c7db39873b07aaf35fd64592cae8a6ae7fea3ce352016828744e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
groupmediappv.info
:scheme
https
:path
/202-login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 25 Jan 2019 21:15:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=7v772tmrunh7evf91eri6capk5; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
49edc0c9df516391-FRA
content-encoding
br

Redirect headers

status
302
date
Fri, 25 Jan 2019 21:15:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; expires=Sat, 25-Jan-20 21:15:04 GMT; path=/; domain=.groupmediappv.info; HttpOnly; Secure
location
/202-login.php
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
49edc0c7ad986391-FRA
bootstrap.min.css
groupmediappv.info/202-css/css/ 		115 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://groupmediappv.info/202-css/css/bootstrap.min.css
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/202-css/css/bootstrap.min.css
pragma
no-cache
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; PHPSESSID=7v772tmrunh7evf91eri6capk5
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
groupmediappv.info
referer
https://groupmediappv.info/202-login.php
:scheme
https
:method
GET
Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 01 Aug 2018 07:31:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5b6161d8-1ca39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
49edc0cc99f36391-FRA
expires
Sun, 24 Feb 2019 21:15:05 GMT
flat-ui-pro.min.css
groupmediappv.info/202-css/css/ 		170 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://groupmediappv.info/202-css/css/flat-ui-pro.min.css
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e21637d3265f5d0979e0157399307828665b5b3cabb6e9fd350bee1491b3fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/202-css/css/flat-ui-pro.min.css
pragma
no-cache
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; PHPSESSID=7v772tmrunh7evf91eri6capk5
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
groupmediappv.info
referer
https://groupmediappv.info/202-login.php
:scheme
https
:method
GET
Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 01 Aug 2018 07:31:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5b6161d8-2a9e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
49edc0cc99f46391-FRA
expires
Sun, 24 Feb 2019 21:15:05 GMT
custom.min.css
groupmediappv.info/202-css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://groupmediappv.info/202-css/custom.min.css
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04152e0458008ed9d39313f6999841b7978e0b3439bcf79b6c9b5bc3d91e6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/202-css/custom.min.css
pragma
no-cache
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; PHPSESSID=7v772tmrunh7evf91eri6capk5
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
groupmediappv.info
referer
https://groupmediappv.info/202-login.php
:scheme
https
:method
GET
Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 01 Aug 2018 07:31:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5b6161d8-22a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
49edc0cc99f56391-FRA
expires
Sun, 24 Feb 2019 21:15:05 GMT
jquery-1.11.2.min.js
dp5k1x6z3k332.cloudfront.net/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp5k1x6z3k332.cloudfront.net/jquery-1.11.2.min.js
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.213 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-213.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
370ba5ff8c7574bc13c753f1313ec6702d2b466130af6b8c0aa31c3520f1efe7

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 22 Jan 2019 04:18:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Dec 2018 06:54:39 GMT
server
AmazonS3
age
16957
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
A1n1qtGK00ZnOOKDQv5MKzafDMWBWB8C
status
200
content-type
text/plain
x-amz-cf-id
xyLKaBOQJY9YLjDl2gFogYZQcKIEKj2IXZi5VpHubR8wRoxFcZlTyA==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
jquery-ui.min.js
dp5k1x6z3k332.cloudfront.net/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp5k1x6z3k332.cloudfront.net/jquery-ui.min.js
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.213 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-213.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 23 Jan 2019 12:52:40 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2016 16:59:58 GMT
server
AmazonS3
age
16957
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cHowRFnlrg8GwicFoiylN22YJ5h3Y5nH
status
200
content-type
text/plain
x-amz-cf-id
Ba1Df7UYTKBupIYgGjZSYA5CbVYQXrakASoWvTKOVR1mekmCQagYFg==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
bootstrap.min.js
dp5k1x6z3k332.cloudfront.net/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dp5k1x6z3k332.cloudfront.net/bootstrap.min.js
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.213 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-213.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 22 Jan 2019 04:18:36 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2016 16:59:50 GMT
server
AmazonS3
age
16957
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
8Lk8LCJKqkSblGbV3e4SpsyGaFKfS4LY
status
200
content-type
text/plain
x-amz-cf-id
J4XXaHW4XpFwOF00fcOZzYXo2_joujNq60x853kjUnsLmYcWVdYwDg==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
prosper202.png
groupmediappv.info/202-img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://groupmediappv.info/202-img/prosper202.png
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7d28f3e0679bb5c5c96450eaf4596867c870b0c52be7f735cd75c95fd76dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/202-img/prosper202.png
pragma
no-cache
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; PHPSESSID=7v772tmrunh7evf91eri6capk5
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
groupmediappv.info
referer
https://groupmediappv.info/202-login.php
:scheme
https
:method
GET
Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
2659
x-xss-protection
1; mode=block
last-modified
Wed, 01 Aug 2018 07:31:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5b6161d8-a63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
49edc0cc99f76391-FRA
expires
Sun, 24 Feb 2019 21:15:05 GMT
gpt.js
www.googletagservices.com/tag/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae8ece3c39b4f866bdcf6d2adcc408a9056e0cf9e875788ecf0557d0c3b7e5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"63 / 567 of 1000 / last-modified: 1548392533"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
10080
x-xss-protection
1; mode=block
expires
Fri, 25 Jan 2019 21:15:05 GMT
wallpaper202.jpg
dp5k1x6z3k332.cloudfront.net/ 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp5k1x6z3k332.cloudfront.net/wallpaper202.jpg
Requested by
Host: dp5k1x6z3k332.cloudfront.net
URL: https://dp5k1x6z3k332.cloudfront.net/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.213 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-213.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad590869798680bdb7a08e66c796e63d3747d925032aa32f3b2b70add96d38f2

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:06 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2017 23:06:48 GMT
server
AmazonS3
etag
"fbc46f79084f0c55acacc2d9bb4e8501-1"
x-cache
Miss from cloudfront
x-amz-version-id
PqnOL9.vNuHdbkljSxp.3OBoyLmUAhTy
status
200
accept-ranges
bytes
content-type
image/jpeg
content-length
327505
x-amz-cf-id
1-Qu3A6_hoUC_0HLm33ynYe3ZwyEF-oyayMCIoDOj5HIHiJHHpPm_w==
lato-regular.woff
groupmediappv.info/202-css/fonts/lato/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://groupmediappv.info/202-css/fonts/lato/lato-regular.woff
Requested by
Host: dp5k1x6z3k332.cloudfront.net
URL: https://dp5k1x6z3k332.cloudfront.net/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e14b4e3561f0efd6d6f15d4ee390287527fdc30748a0c562f1bccd485464f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/202-css/fonts/lato/lato-regular.woff
pragma
no-cache
cookie
__cfduid=de23a2d228bcd2b12e08912b4ad2232d81548450904; PHPSESSID=7v772tmrunh7evf91eri6capk5
origin
https://groupmediappv.info
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
groupmediappv.info
referer
https://groupmediappv.info/202-css/css/flat-ui-pro.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://groupmediappv.info/202-css/css/flat-ui-pro.min.css
Origin
https://groupmediappv.info

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
content-length
35464
x-xss-protection
1; mode=block
last-modified
Wed, 01 Aug 2018 07:31:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5b6161d8-8a88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
49edc0ce2b1b6391-FRA
expires
Sun, 24 Feb 2019 21:15:05 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=groupmediappv.info
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=groupmediappv.info
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_294.js
securepubads.g.doubleclick.net/gpt/ 		182 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
d8091cb1c1d86abf86035e96d19f13c4f77f81d7e7d766992b353632de0a8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Jan 2019 15:47:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
63798
x-xss-protection
1; mode=block
expires
Fri, 25 Jan 2019 21:15:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=701645416641655&correlator=2648250968044676&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062452&vrg=294&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=1006305%2CP202_CS_Login_Page_288x200&enc_prev_ius=%2F0%2F1&prev_iu_szs=288x200&cookie_enabled=1&bc=15&abxe=1&lmt=1548450905&dt=1548450905438&dlt=1548450905051&idt=366&frm=20&biw=1600&bih=1200&oid=3&adxs=115&adys=454&adks=1334064552&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgroupmediappv.info%2F202-login.php&dssz=10&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=344x536&msz=288x-1&blev=1&bisch=1&ga_vid=1206444709.1548450905&ga_sid=1548450905&ga_hid=1128042252&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
8b326b0cbf309d87c3f5686da2b47f119851c9b6813a9f5e5eb1433437733a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://groupmediappv.info/202-login.php
Origin
https://groupmediappv.info

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4874
x-xss-protection
1; mode=block
google-lineitem-id
70352765
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257252474
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://groupmediappv.info
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_294.js
securepubads.g.doubleclick.net/gpt/ 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_294.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
798731f840c0e6d841e402bd70e2ce28847ec81da06fa9b2fb6aeed01e2aff1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Jan 2019 15:47:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
22341
x-xss-protection
1; mode=block
expires
Fri, 25 Jan 2019 21:15:05 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011901081935550/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011901081935550/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9308ef3b6562637c016c9d9d6e35e2d740a063f3c0aa6994356f442c173a61b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
869203
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
7789
x-xss-protection
1; mode=block
server
sffe
date
Tue, 15 Jan 2019 19:48:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"49f179ed2c2f557a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2020 19:48:22 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011901081935550/ Frame DAEE 		269 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011901081935550/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3e627aa12df20388a9a532f5ec8f629bc527e3d8e399aeb204afdb97ba4ee6be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
22841
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
87328
x-xss-protection
1; mode=block
server
sffe
date
Fri, 25 Jan 2019 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73c777a5e2a8da09"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2020 14:54:24 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011901081935550/v0/ Frame DAEE 		132 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011901081935550/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4199b6ce7abc8ab88a638fea10fb43afe53844f460f43d233039d99ee81710d3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1427538
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42399
x-xss-protection
1; mode=block
server
sffe
date
Wed, 09 Jan 2019 08:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"058294078e573a60"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2020 08:42:47 GMT
truncated
/ Frame DAEE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e5b86c01ffbf0cb6790640e60abd2660c5d26c3553cb75f122663b3c452e408

Request headers

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_294.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
984a88847ddf3e7f71d95a6a1eda6ceab590880cc4e8e2255444af02493ee533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Jan 2019 12:18:26 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28064
x-xss-protection
1; mode=block
expires
Fri, 25 Jan 2019 21:15:05 GMT
180157030099728287
tpc.googlesyndication.com/simgad/ Frame DAEE 		504 KB
505 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/180157030099728287
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5133e8f0af4287454c60b5795cf5dd7b7220a05cb6146be56ff8e0a219753cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 15 Jan 2019 19:49:28 GMT
x-content-type-options
nosniff
age
869137
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
516592
x-xss-protection
1; mode=block
last-modified
Tue, 15 Jan 2019 17:16:40 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2020 19:49:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DAEE 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCxLnJGwRP96rq_9swUdQWDiz4Fo_32zXYYBzPkI5ZURMNri6Hk3k10x_PSQ6drBWR88WHIlDTBES6XU1wMbo7QJi4pp1LhenzRAe6mIU6ko_JakAJ5hgM9QUTFDMMqlLsisFQw0CY0UGEIBHtPabQ_B5LXY5aGMJaOPIZ_G_3_-C1yHs8XnQ5aJZmvmH5WLps8ZY9r4LSze8i0-gcuFrBhdBYgG58Oi3TsI0eQcAgWt5uvAmQDJGAY6f14geZH_do7ga-SyUt5GL5V_LpxQ&sai=AMfl-YSUuMD2LYsrzD1FkaeyD5EX9rBeNqA6gwk3gehNyIUUQ1bitUm7vWzECJKfT33-0L5ppeuramhDUZdtkKsqwQkc8rr4vAvv_yoY8TNR6Q&sig=Cg0ArKJSzO0L15XwA6SZEAE&adurl=
Requested by
Host: groupmediappv.info
URL: https://groupmediappv.info/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 21:15:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 25 Jan 2019 21:15:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DAEE 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKaDwSt2pSNW1EabQgwSLd_MtosSNCmuYH90Gqtr8uS4-Eew-VRFT7onnYOtamHHuaJk8r9JC7zEyMR9VUZ5UUAYagij_4dUupLlo&sig=Cg0ArKJSzLBj5e6PcoK3EAE&id=ampim&o=115,454&d=300,300&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=135&tls=1136&g=100&h=100&pt=19&tt=1136&rpt=19&rst=1548450905431&r=v&adk=1334064552&avms=ampa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://groupmediappv.info/202-login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jan 2019 21:15:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame DAEE 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011901081935550/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://groupmediappv.info/202-login.php
Origin
https://groupmediappv.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Jan 2019 21:15:06 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| eventMethod2 function| eventer2 string| messageEvent2 function| $ function| jQuery object| jQuery11120249471346536408 object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming object| google_reactive_ads_global_state undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

3 Cookies

Domain/Path Name / Value
groupmediappv.info/ Name: PHPSESSID
Value: 7v772tmrunh7evf91eri6capk5
.groupmediappv.info/ Name: __gads
Value: ID=bcc2761cca50a6e0:T=1548450905:S=ALNI_Mb1eotgobRjKY13loU7OZ73mbk_4w
.groupmediappv.info/ Name: __cfduid
Value: de23a2d228bcd2b12e08912b4ad2232d81548450904

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011901081935550/amp4ads-v0.js(Line 552)
Message:
Powered by AMP ⚡ HTML – Version 1901081935550
console-api error URL: https://cdn.ampproject.org/rtv/011901081935550/amp4ads-v0.js(Line 148)
Message:
localStorage not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
cdn.ampproject.org
dp5k1x6z3k332.cloudfront.net
groupmediappv.info
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
143.204.98.213
216.58.205.226
2606:4700:30::681c:1613
2606:4700:30::681c:1713
2a00:1450:4001:806::2002
2a00:1450:4001:815::2001
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2014
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
2fc7d28f3e0679bb5c5c96450eaf4596867c870b0c52be7f735cd75c95fd76dc
370ba5ff8c7574bc13c753f1313ec6702d2b466130af6b8c0aa31c3520f1efe7
3e5b86c01ffbf0cb6790640e60abd2660c5d26c3553cb75f122663b3c452e408
3e627aa12df20388a9a532f5ec8f629bc527e3d8e399aeb204afdb97ba4ee6be
4199b6ce7abc8ab88a638fea10fb43afe53844f460f43d233039d99ee81710d3
5133e8f0af4287454c60b5795cf5dd7b7220a05cb6146be56ff8e0a219753cc3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
798731f840c0e6d841e402bd70e2ce28847ec81da06fa9b2fb6aeed01e2aff1c
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
7e14b4e3561f0efd6d6f15d4ee390287527fdc30748a0c562f1bccd485464f3a
8b326b0cbf309d87c3f5686da2b47f119851c9b6813a9f5e5eb1433437733a23
9308ef3b6562637c016c9d9d6e35e2d740a063f3c0aa6994356f442c173a61b8
984a88847ddf3e7f71d95a6a1eda6ceab590880cc4e8e2255444af02493ee533
ad590869798680bdb7a08e66c796e63d3747d925032aa32f3b2b70add96d38f2
ae8ece3c39b4f866bdcf6d2adcc408a9056e0cf9e875788ecf0557d0c3b7e5c0
b04152e0458008ed9d39313f6999841b7978e0b3439bcf79b6c9b5bc3d91e6aa
cd0f64dda618c7db39873b07aaf35fd64592cae8a6ae7fea3ce352016828744e
d1e21637d3265f5d0979e0157399307828665b5b3cabb6e9fd350bee1491b3fd
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d8091cb1c1d86abf86035e96d19f13c4f77f81d7e7d766992b353632de0a8cc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5