urlscan.io logo urlscan.io
SecurityTrails logo

beauty-cf2.tech Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Effective URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Submission: On August 14 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is beauty-cf2.tech.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time beauty-cf2.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 188.114.97.3 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
29 5
Apex Domain
Subdomains		 Transfer
23 beauty-cf2.tech
beauty-cf2.tech
589 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
1 gstatic.com
www.gstatic.com
2 KB
0 Failed
function sub() { [native code] }. Failed
29 5
Domain Requested by
23 beauty-cf2.tech beauty-cf2.tech
2 www.facebook.com beauty-cf2.tech
2 connect.facebook.net beauty-cf2.tech
connect.facebook.net
1 www.gstatic.com beauty-cf2.tech
0 invalid Failed beauty-cf2.tech
29 5

This site contains no links.

Subject Issuer Validity Valid
beauty-cf2.tech
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-24 -
2024-08-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Frame ID: B3E47E89D202D3E48D2550C545B004D7
Requests: 28 HTTP requests in this frame

Frame: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/saved_resource.html
Frame ID: 891193E1306FE0356A650590C4388EE9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grovi gel

Page URL History Show full URLs

  1. http://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=9711418... HTTP 307
    https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=9711418... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

667 kB
Transfer

1012 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611 HTTP 307
    https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beauty-cf2.tech/grovilow/me/grovilowv5/
Redirect Chain
  • http://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
  • https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
50 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c710365f15f49d23d68ad5f59262d016fff112ff20bdfa2e6d6efa600c3ecb5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b33089138f4baa9-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Aug 2024 18:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXFL86AaOwFJHICvdFN9NsUIECfZa7LBDjMmqr0JXpBCzwLwsh13gya7SDQND1Q3RHbogBPhVPIUJu3kG2pP1dun6j0nN5B0klCLAx9vtO1u3KppvcotMrUq4ZK4KngO9fo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000

Redirect headers

Location
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Non-Authoritative-Reason
HttpsUpgrades
t-font-face-link.css
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		999 B
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba09bfd36216ca58fb2d60809bc704157b4c81f58fd0f9f6ebb4e05c84b83452
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-3e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wkjKukFvlTzWczpizmhnT903X56R4rqnmFXFWF%2B3FBxifyetb7DVSU2lfd1P6Z%2B8BawJCOFS4rqij5IaiorlwDiqQxWqwSVnpqA0uTc08p2qztiycPN%2BtJdttnr%2B%2FY2cEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b3308930bd5baa9-MXP
alt-svc
h3=":443"; ma=86400
style.css
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/style.css
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15ddbc0081f46f7d6c5afe1bb61fbfa6e0103a9f0ae8ffc8d504f97df91f00d0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-251f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHCb%2FDQXLOBA0aCyIlSTro6G4491T5GEfWNEFFNkbI4BZe2XqmvsITdkVvhXzS2Z5yWWj3CvaGlbvX%2F58ub0uK6ytZ%2BnmPaswnRSQSWWE%2BsVQIZBCsJC6pD5pag1e%2FjX9sk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b3308930bdabaa9-MXP
alt-svc
h3=":443"; ma=86400
custom-wheel.css
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/custom-wheel.css
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6db61d63ac3b8f0a9bee71a551649fc72552476094d04eed11cb530f6a690d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-3361"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnNskV4lxs%2BnjqPBQ1ZInlyB7h4P5QcjcWvR8ATOJq6VcSZKgY8lSGz%2FdplT57YINLstkRFErx0QdZpXUU9hSVDS3C1E3Dx%2B5Ilk1gNk5V7DmvQGKmmtHncwyPjNmFbHxL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b3308931bdebaa9-MXP
alt-svc
h3=":443"; ma=86400
jquery-1.12.4.js
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/jquery-1.12.4.js
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-17b8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1OU8XaOUCFd57pa8zxi23v46j6zhKT13W65L1qJHcikBv422%2FdzmQe2u94UhtHmcXLTYSdHSSE2gzwG92yPSjRFCGnUBVJwpqxjIaUm4kHt9uP3v0PHTnNyjuF%2FTK2FdAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b3308931bdfbaa9-MXP
alt-svc
h3=":443"; ma=86400
custom-wheel.js
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/custom-wheel.js
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79430b7c728cdbbd4e05212f1abb4c3540ce3cf766273bc5ce6233f74211c774
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-1ace"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR9zyugtFMWV22UFJdnh5RLwUcpUHEt9fCIrJlJzUkyZNW1WSJf%2BnEMiNWKj%2Fi3Gl2aNmnv81upJoHk6iqUFHjlrLPb%2FsHa%2FUM8jqqTugdWJgW173BTvHqv2160BGRm4L%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b3308931be2baa9-MXP
alt-svc
h3=":443"; ma=86400
9.js
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/9.js
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b634deb0f0217a01a40cfc29149f6ee352955c1a806b12656a16d31fec9df706
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-2df4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9DdoybISKb8DNJBII5zAKVMD2WQpoFZn%2B1kl%2FkDZIjuCbYuoj5%2BgZJFbi8OzVIWl5MugVlxj5SxxVRoW2baLU2CQfa7uwJbt41e2YxPB2v2M4%2Fh%2BzZPYximYuwT1uaBRoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b3308931be4baa9-MXP
alt-svc
h3=":443"; ma=86400
/
invalid/ 		0
0
translateelement.css
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/translateelement.css
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8103afda475c49cc7977f82b1677cc9ac947f1a59741030c06b779c713932f18
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"65562360-4925"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ySSJ6DOCjv3KyDHbsOYC2F2uXQMWqzMu91bul1DbMkz22GQ5YvXponctG3KY2%2B7v3uTDXXz1wGp7T7E26qE7TgWhk1jXyyZmrN12iYin5Jr0HnP14JrdSwykDJmzvhlWHwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b3308931beebaa9-MXP
alt-svc
h3=":443"; ma=86400
logo.png
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/logo.png
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6cece927e2d5ece0c7ae320ef9615a238314eff5cb9840bc8960bdce3310cb2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
2581
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-a15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDv0e%2BFOqJy3Tru1RFawpM%2BEKtkR4FgmQppcNBrrzjJndOxQ4%2F3luWREhnaatlo18x7K9H4a6voxEFIE3rL9L0mrJuJEt82ng5V9IWbE1i02bDvlkFYTQfYVm0NXNWF2jI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b3308931bf1baa9-MXP
img02.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/img02.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c339709aebe5d0bf3a5e76c9289b603a51ed6114293bc5481a627bf275b83605
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
48701
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-be3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=167HR8gerBJ3A1tTYU5WSs2na%2Fz5aZ3GBGrSd4dl3DUxj6Zdo5ciHJWbm45TEB8m6WW2tKrYL7IPfBARzQpNXjX9s0qIZFaS9XbAM8kDxgL%2FQBCT3zqJWca9FJ1EAgKesds%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b3308931bf5baa9-MXP
photo_1.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/photo_1.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b1d83aed8954b71884faf345550f61dcebd3cf86380ba5ed07e80ebf3e8588
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
47318
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-b8d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCwMUrtfXhMM0Ai3UasC7j6KyY96EkfW%2BT8l7dyq7YJAOjr%2B4vzRN3%2BBkIHaa858A6%2B4jN4mnYkEmvTuBKuQw66OXPZJ3xW1O0KcOYD7PE%2BvYeCfZe%2BfgH5w0zPN9ltJjcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893acb3baa9-MXP
img06.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/img06.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824834ef587f5415ee0023fd33483db5cca24a6664ca70ff1b76393130e0a551
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
171490
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-29de2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JW%2BUe2oAusPeWl629hgpVVcb2jE%2FCHXzbmSSwNvykcyUorGHzgASF9egeiAcyHCkr19Tzf4uvtDiCi0vup4Oioz2F2Z%2BGaaGQLjKZpdk7Ikz41n0k3yMf70Qcev0x4Ttotw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893bccfbaa9-MXP
photo_3.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/photo_3.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5973ff96320213047ac60aca7f82336ced318ee707da670e55a486bc3c7c28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
176974
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-2b34e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8st33uXZmRUvlhszn%2F4Pdk7ZFD7%2B0Ug8QLo8Q7azLdkYIaqP6eWFwAKWQ1SyI0Xu6w8S6eRMfOcVEf9MzPOo28PpN3saB9dafV8yn4nG5Dufux%2BfoHiUYMBRF07O2%2FoCR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd0cbaa9-MXP
prod.png
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/prod.png
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e891d5d3e8c9737980eddaf3d38e45a897d578b7b24ad79b554d0eb0eb44fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
79009
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-134a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZxUPFDjny1th295bLJDBUE5aj4N0jPcNQR%2BlBqjRxXBKn7SEW6nW8Vht8nFV0f0GRbCSCRTb2CghTkpY8zWjv2PUmWLDnkiW7Vv%2FPztBKKR%2FIaQ85H2wemMw6A%2FWZYK3kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd10baa9-MXP
user.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		694 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/user.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524390ab15c2b8f6e842d0e806d5dea9fd370a4e2ab5f5507e6e3f8c03bf9ee0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
694
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-2b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9NrtWuF8KRRNPlc5Ufz2iMd31ZPL%2FJ4lMTnfdllcYCIH0IhsgKUKQxsWAoOBdDH7yCFkV7XiTtvD7Tm%2BUE%2F%2Fp2G9wRkVw%2F%2Brqc57o5pcDHeyqxeUqznsuCuzrSrSIj5FvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd14baa9-MXP
ava_1.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ava_1.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8159f62e81d7f1ee90182b8e871b17e1ca4c73890742fd337167eacadec4b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
1158
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-486"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rn7mwr9g8dE6jbMFurc837w4xO3qMtYFOH5vFSjZwEBwSXC1LQP6gDkD1CEtnvF%2FMlcOMHEBnPmBepYXf3eDLErljoVwLij4xutOke4epnD7fgNSftOofdQlYkDqTATBoSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd16baa9-MXP
ava_2.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ava_2.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2ee04c93661f0913977397422e878c9c0653731b8d67f8c20a6e4ea88a6a1b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
1149
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-47d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2Fv6Tqb6DpJ0YDAHuGmYDJ%2FXSEC9OUfbvXBEwyCorIprUE3Ap7h6bZ%2BbSyFjvhEACpPueTXZ1Z5cGiXvUcnXMga9UICClQXvwjUX01kbPsQTaiChi5%2B6VDq036qmV8hQYBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd18baa9-MXP
ava_3.jpg
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ava_3.jpg
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08ddb51f92cc6a43ef20d61940f8ceb3ce35412a3cc09c4c75f490f76762801
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
1174
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-496"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSug8L6a7eewoRIKcPXPj4v09c5FIWTmjA%2BcqLIfqW%2Fu1HLun5WmOiTOA46CDKCp1szsdUjzN6HdsqY5QigJ8lxZaS8IP%2BP0TXvphWcVXA%2B0hmkYuVVJhh6cKcT%2FPGr61So%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd1cbaa9-MXP
translate_24dp.png
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/translate_24dp.png
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:28 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
alt-svc
h3=":443"; ma=86400
content-length
846
last-modified
Thu, 16 Nov 2023 14:12:48 GMT
server
cloudflare
etag
"65562360-34e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdgqWZRab0Rvr8Ccrv75IALkUh%2Fmnn%2BSl1eNqzxvV54E9c6K%2FddOxILDVluQA4BZtdZig1xFm7LlU7k1Em7V1mFtAaFqwbwnOn%2BtX1ZiR4gFvolS8JAsLAgRGlkivWZK%2Bxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b330893dd1fbaa9-MXP
saved_resource.html
beauty-cf2.tech/grovilow/me/grovilowv5/index_files/ Frame 8911 		548 B
527 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/saved_resource.html
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b330893ed35baa9-MXP
content-encoding
br
content-type
text/html
date
Wed, 14 Aug 2024 18:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SX%2FRoOhto1zagmUIolod7RbieZBE6QaRSUkyvQ2KBNR8u1oJowREdnFi%2Fa81hwMpp2hNxHOnXuDwMl0CpC7jkcmpcWAchtspBhvaLl%2BHK00%2FKlOykOgZuJGqq03iC71wKfI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Origin
https://beauty-cf2.tech
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:29 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzvOjWWCrLsDNjdBKaZj10Y8fEC3uZ0wfo9c7rA0QAOmi2zoOFJUzvRUd1B4Rr1Sl64Oim%2Fvjro6K94Wm3sq33YygcH%2FawRyPUqBvfhXN0Pvjjrf%2FzgYMEAWZe5XRn3JqWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b3308945dcebaa9-MXP
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://beauty-cf2.tech/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Aug 2024 18:33:29 GMT
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=13, mss=1208, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
xMxboc6nrrAKjGxBWib4uAEXCR+M4Sdu2cGhWCuGSfsKWue5NXOnqyMv4PXsz6j9IHelW8A+6fvei5nXERUSJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beauty-cf2.tech/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 12:53:16 GMT
x-content-type-options
nosniff
age
20413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 14 Aug 2025 12:53:16 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff
beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Origin
https://beauty-cf2.tech
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iqw7VBCu65FrbTLtOwUmZyIH3v9iSlTBiYZpvvhRqTmgig%2BAae3ifU4zGv3aVDRujMQctWkp8NyEzMVHqHiO63FP4A5tmIbm9MpCWP460NKH3iu2t27GgOF8LRqq7oZamPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b330910a9a0baa9-MXP
alt-svc
h3=":443"; ma=86400
971141895018611
connect.facebook.net/signals/config/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/971141895018611?v=2.9.164&r=stable&domain=beauty-cf2.tech&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23560f7a5b0e91dbbcdb01a558b0cf3e63b05616a68951baddd1880da75adb32
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://beauty-cf2.tech/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Aug 2024 18:33:49 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=70, mss=1208, tbw=64450, tp=-1, tpl=-1, uplat=227, ullat=0
pragma
public
x-fb-debug
vDekS3Vjcl3/SWkCz2bT66rAYD3ekKU+Qu2C5BiRQ9s3yCyOObokG0Mb/rYiHI2/vXNtYM0kMuWn6rhClVldnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.ttf
beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.ttf
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/t-font-face-link.css
Origin
https://beauty-cf2.tech
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 18:33:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgS7vrBgm49BZU2%2FCsergkcwEIoB2%2BdjCua6npywY%2F5%2Bv%2Ftx86XCeqjzuoLhRIb9ItdOmgBew1%2B7epoCH%2FwUxJUJKDtL9Y2SbB3b2LYusRXJBZXX1IXpPj%2B3oA1rj2wnZeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b3309119b29baa9-MXP
alt-svc
h3=":443"; ma=86400
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=971141895018611&ev=PageView&dl=https%3A%2F%2Fbeauty-cf2.tech%2Fgrovilow%2Fme%2Fgrovilowv5%2F%3Futm_campaign%3D3%2F2%26utm_content%3D3%26flow%3D11606%26fb%3D971141895018611&rl=&if=false&ts=1723660429251&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723660429250.954297829541120628&ler=empty&cdl=API_unavailable&it=1723660428920&coo=false&rqm=GET
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://beauty-cf2.tech/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1320, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Aug 2024 18:33:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=971141895018611&ev=PageView&dl=https%3A%2F%2Fbeauty-cf2.tech%2Fgrovilow%2Fme%2Fgrovilowv5%2F%3Futm_campaign%3D3%2F2%26utm_content%3D3%26flow%3D11606%26fb%3D971141895018611&rl=&if=false&ts=1723660429251&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723660429250.954297829541120628&ler=empty&cdl=API_unavailable&it=1723660428920&coo=false&rqm=FGET
Requested by
Host: beauty-cf2.tech
URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/?utm_campaign=3/2&utm_content=3&flow=11606&fb=971141895018611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://beauty-cf2.tech/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 14 Aug 2024 18:33:49 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403065172923042180", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1320, tbw=3107, tp=-1, tpl=-1, uplat=189, ullat=0
pragma
no-cache
x-fb-debug
MPg6nqfhcukFGMZhVsdMOISuodfufYZepyba/l249nbgWmG/MsViuRJSNswkPROEBKurVlcU62sSddpZ2ctqpQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403065172923042180"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| months_localized object| days_localized function| AdcLandDate function| getLocalizedEntity function| dtime_nums function| dtime function| dtimes function| noregret function| trytosee function| fbq function| _fbq

3 Cookies

Domain/Path Name / Value
beauty-cf2.tech/grovilow/me/grovilowv5 Name: randDate
Value: 1721068408920
beauty-cf2.tech/ Name: 3e19110dbf64aa6bc39a671320358a39282bc32e
Value: eNqrVipNVrJSMo7RN1LSUSrNA7GBjLQcJStDQzMDMx2lAiCzWiktCShjaW5oaGJoYWlqYGhhZmioVFsLAOXZDxc_
.beauty-cf2.tech/ Name: _fbp
Value: fb.1.1723660429250.954297829541120628

5 Console Messages

Source Level URL
Text
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/index_files/saved_resource.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://beauty-cf2.tech/grovilow/me/grovilowv5/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beauty-cf2.tech
connect.facebook.net
invalid
www.facebook.com
www.gstatic.com
invalid
188.114.97.3
2a00:1450:4001:829::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
15ddbc0081f46f7d6c5afe1bb61fbfa6e0103a9f0ae8ffc8d504f97df91f00d0
23560f7a5b0e91dbbcdb01a558b0cf3e63b05616a68951baddd1880da75adb32
4c710365f15f49d23d68ad5f59262d016fff112ff20bdfa2e6d6efa600c3ecb5
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
524390ab15c2b8f6e842d0e806d5dea9fd370a4e2ab5f5507e6e3f8c03bf9ee0
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
6e6db61d63ac3b8f0a9bee71a551649fc72552476094d04eed11cb530f6a690d
73e891d5d3e8c9737980eddaf3d38e45a897d578b7b24ad79b554d0eb0eb44fe
79430b7c728cdbbd4e05212f1abb4c3540ce3cf766273bc5ce6233f74211c774
8103afda475c49cc7977f82b1677cc9ac947f1a59741030c06b779c713932f18
824834ef587f5415ee0023fd33483db5cca24a6664ca70ff1b76393130e0a551
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
a6cece927e2d5ece0c7ae320ef9615a238314eff5cb9840bc8960bdce3310cb2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae5973ff96320213047ac60aca7f82336ced318ee707da670e55a486bc3c7c28
b634deb0f0217a01a40cfc29149f6ee352955c1a806b12656a16d31fec9df706
ba09bfd36216ca58fb2d60809bc704157b4c81f58fd0f9f6ebb4e05c84b83452
ba2ee04c93661f0913977397422e878c9c0653731b8d67f8c20a6e4ea88a6a1b
c2b1d83aed8954b71884faf345550f61dcebd3cf86380ba5ed07e80ebf3e8588
c339709aebe5d0bf3a5e76c9289b603a51ed6114293bc5481a627bf275b83605
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e08ddb51f92cc6a43ef20d61940f8ceb3ce35412a3cc09c4c75f490f76762801
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb8159f62e81d7f1ee90182b8e871b17e1ca4c73890742fd337167eacadec4b8