video3446.grooveblog.com Open in urlscan Pro
2606:4700::6812:e03 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cqo.be/to6n8
Effective URL:
https://video3446.grooveblog.com/?v=4
Submission: On October 22 via manual (October 22nd 2021, 6:05:51 pm UTC) from FR — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2606:4700::6812:e03, located in United States and belongs to CLOUDFLARENET, US. The main domain is video3446.grooveblog.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2021. Valid for: a year.

This is the only time video3446.grooveblog.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:161a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:e03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3037::ac43:dafe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::ac43:a12f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
26	10

1 2606:4700:3035::6815:161a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cqo.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:e03 (United States)

ASN13335 (CLOUDFLARENET, US)

video3446.grooveblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:dafe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2bpr.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:a12f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	grooveblog.com video3446.grooveblog.com	13 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
2	fbcdn.net static.xx.fbcdn.net	3 KB
2	2bpr.xyz 1 redirects 2bpr.xyz	10 KB
2	unpkg.com 1 redirects unpkg.com	163 KB
2	cloudflare.com cdnjs.cloudflare.com	9 KB
1	amung.us whos.amung.us	27 B
1	imgur.com i.imgur.com	9 KB
1	cqo.be 1 redirects cqo.be	3 KB
26	10

	Domain	Requested by
10	video3446.grooveblog.com	video3446.grooveblog.com
4	fonts.googleapis.com	video3446.grooveblog.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	static.xx.fbcdn.net	video3446.grooveblog.com
2	2bpr.xyz	1 redirects video3446.grooveblog.com
2	unpkg.com	1 redirects video3446.grooveblog.com
2	cdnjs.cloudflare.com	video3446.grooveblog.com
1	whos.amung.us	video3446.grooveblog.com
1	i.imgur.com	video3446.grooveblog.com
1	kit.fontawesome.com	video3446.grooveblog.com
1	cqo.be	1 redirects
26	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-26` - `2022-01-25`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://video3446.grooveblog.com/?v=4
Frame ID: 4B12F2BC6657C8206B0D092328B9CFC8
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cqo.be/to6n8 HTTP 301
https://video3446.grooveblog.com/?v=4 Page URL

Page Statistics

26
Requests

100 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

233 kB
Transfer

2209 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cqo.be/to6n8 HTTP 301
https://video3446.grooveblog.com/?v=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/tailwindcss@%5E1.0/dist/tailwind.min.css HTTP 302
https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

Request Chain 7

https://2bpr.xyz/async?&user=Wason07&html=mobile HTTP 301
https://2bpr.xyz/async/?&user=Wason07&html=mobile

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
video3446.grooveblog.com/
Redirect Chain

https://cqo.be/to6n8
https://video3446.grooveblog.com/?v=4

55 KB
7 KB

343ms
257ms

Document
text/html

2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef561f912604eb47ec5a3697da4c7f2811f58a7dd485742c56fa800e5a02406

Request headers

:method: GET
:authority: video3446.grooveblog.com
:scheme: https
:path: /?v=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-type: text/html
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a24a7da4a70f923-MXP
content-encoding: gzip

Redirect headers

date: Fri, 22 Oct 2021 18:05:45 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
location: https://video3446.grooveblog.com/?v=4
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; preload
content-security-policy: default-src 'self'; connect-src 'self' https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://onesignal.com https://*.onesignal.com https://yoast.com https://*.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google.com https://*.google-analytics.com https://onesignal.com https://*.onesignal.com https://*.googlesyndication.com https://wcs.naver.net https://*.google-analytics.com https://*.google.co.kr https://*.doubleclick.net https://*.gstatic.com; img-src 'self' data: https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google-analytics.com https://secure.gravatar.com https://wcs.naver.com https://*.doubleclick.net https://*.w.org/ https://wordpress.org/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://onesignal.com; font-src 'self' data: https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://fonts.gstatic.com; frame-src 'self' https://*.doubleclick.net https://*.youtube.com https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google.com; object-src 'none'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83kvbf7PxdDSa0Na1m%2BcD0WIJayDPhST1KOHSf9xBiLTGmaE%2Byb0Fa%2FnS%2FMXa6%2Ba3VdeswK3sDWHfPsjKWnLIODZKPa%2B3KCpLSSMlKdnCt7jy%2B623DTtHf9dMI%2FrFk7ieECk2oM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a24a7d75b1b3742-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 66ms
36ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://video3446.grooveblog.com/
Origin: https://video3446.grooveblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6a24a7dbf91a6939-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FrBSixBHpCZyELpqbAVB

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.1.0/ 9 KB
3 KB 39ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.1.0/mustache.min.js

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452b32f99948d551d5c7b6c6a5e4ddb8935e6413d2755c4e2cfe09aba75ff68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5153609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2384
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-23ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKlaAlKvCfAglNLcXtAQMk9j9H%2BsFG%2FJm9tT1vUbc5R6P%2FVYoM1QxHpI47sXcCowuyUo1uziBVYlJ3uXsxf9K0WN25J%2FYR7QQXMzEejTWZ7cAuLjHs%2FYxt7bLImaEZXKhyCppeKU2iZ7v%2BLOQV6j%2FZk3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a24a7dbebaf7046-FRA
expires: Wed, 12 Oct 2022 18:05:46 GMT

GET
H2

200

tailwind.min.css
unpkg.com/tailwindcss@1.9.6/dist/
Redirect Chain

https://unpkg.com/tailwindcss@%5E1.0/dist/tailwind.min.css
https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

2 MB
162 KB

36ms
36ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18478662
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1e0602-+7g5GxBqQ0BFI5Mmd9f2Ke69Z3U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 633cb77615179598b3e70e3d12cba5cf
cache-control: public, max-age=31536000
cf-ray: 6a24a7dc1c54435d-FRA

Redirect headers

date: Fri, 22 Oct 2021 18:05:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FJMJS7XK8JMP1YHV4KAEFDB7
server: cloudflare
age: 100
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /tailwindcss@1.9.6/dist/tailwind.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a24a7dbfc17435d-FRA
access-control-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
756 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 17:47:48 GMT
server: ESF
date: Fri, 22 Oct 2021 18:05:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 22 Oct 2021 18:05:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
671 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9bcb14eb9a8f58d76f9ce83393c299c1e3a06169e6990b9c8cd4e0ef70e53aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 17:58:52 GMT
server: ESF
date: Fri, 22 Oct 2021 18:05:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 22 Oct 2021 18:05:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700&display=swap

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

beb3786141808cd77d5b8c076a6ec78804558a92452d087a2f084ef69e5e4453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 17:40:35 GMT
server: ESF
date: Fri, 22 Oct 2021 18:05:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 22 Oct 2021 18:05:46 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 33ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5157163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HKxsnuex4rCzwMj6C932QFjrBLZEXwNvCU4P0y6vOyiXshay4SBm1voCRp5OsoeWLMn9Z4Fz1EfkV6VbC5frxnj0BIi4IWUCf159QSLPhYxS5iByOWLnC6bPHmbcfCFa3kUzZaLY7sJLy79ddcjMO6Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a24a7dbebab7046-FRA
expires: Wed, 12 Oct 2022 18:05:46 GMT

GET
H2

200

/ Show response
2bpr.xyz/async/
Redirect Chain

https://2bpr.xyz/async?&user=Wason07&html=mobile
https://2bpr.xyz/async/?&user=Wason07&html=mobile

43 KB
9 KB

623ms
623ms

Script
text/html

2606:4700:3037::ac43:dafe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2bpr.xyz/async/?&user=Wason07&html=mobile
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dafe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: f87d6b287a054c081b661f8460089dd02a69f5f31ec051ac36f11d6c54d0154a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRW1nx7yX3z4VZIQ1RgM6E4cSr6l5OxJS%2FY23rqCiJXltvf1LD7DlAjz%2FA7osN9KL9T9%2FsBB3x64J8B4sS3c15uPkaqwNJ3yNSxhYXYp%2FDyB0OClUa%2FMUjRaclLfm%2BiBe8kZxTJJrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 6a24a7e10d9b59d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Fri, 22 Oct 2021 18:05:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLe1udtAZYuSwQPzQz7GeXdR6LrfqD9mBIjYACAucH2lkhb5sQnv%2BPmfAJsFG2xO0itryARrgxW1jVTzMYNC7ykRe6qhxLm9QWCHh%2FzU4YgFLxSkMJEOp3InPoe1zmLzL%2BmLdzbY7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://2bpr.xyz/async/?&user=Wason07&html=mobile
x-turbo-charged-by: LiteSpeed
cf-ray: 6a24a7dc9a0659d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 77ms
28ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
via: 1.1 b6c77de995859d945c2d7fed268670b2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1213
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev%2BCZks1mHiMUgui7rCbBci8rE9s2juT7IStek7%2BX%2B8RtPuDnQ0se0LT4EhHCdF4Ze6yJuv1jaKUf1KZbIcolSfHn2CdjtT1Hx%2B0l9ei2Db1H0rBzS7WKHjX0Ms1njsSPE0cZFmCZ36p88JluGSIlOG4UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 6a24a7dc9e415a25-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: lmiZSrdkRlrl7XQ_ZwuzIT_Md1KUPnBljR6K1hwjCIiQ3u8n2_GQqA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 82ms
34ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
via: 1.1 e99fe2b78fa4752ff3db0f5bbeab2863.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1213
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfaGXv9Tc70F4V2gXWb1s5tRwBBDZOIkrHoHS391NA7rmAjpduraoVF0%2BADgSdd9KM4oJJZJGkigVQXA52MrYNCJgAC0VBXUxaIJ8lacD4lWBuPRts5UoeMVdarUzMZK8t257W%2F3xRUuuLTw%2B%2BPqlLf%2FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 6a24a7dc9e425a25-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9wzChvivlHtTh9TCXMEQZ_Ln8QzVGnxT_npFTcqkQSyU_mopwqo-JQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 79ms
30ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
via: 1.1 0b3aabf27b5332d4cc604adbe2f7f804.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1213
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imnceGIjVBU%2BljryGXZtRtDUXlNhoEPA0X80yhoprdJxirYb4cbR1frdRzavMKXRMfP45QmosEEUSMIYC0q0uX9GGI06dx7M2lsD8NVHrbm1TCeRorh55%2FAQEYqi39dejWLfCz4qmmj4Ic4bwJdfn1u8Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 6a24a7dc9e455a25-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vzaimgx7AF-5dPZNYqzu324wmBEKN1mFTpIQND6k6cl0Ktv-r1Xuyg==

GET
H2 200 version.js Show response
video3446.grooveblog.com/js/ 129 B
266 B 235ms
234ms Script
application/x-javascript 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/js/version.js?v=1634925946000
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64faecb3252d8ceb331f6942b83f288c37210f5350a3a7a3b52f6c16e8471cc6

Request headers

:path: /js/version.js?v=1634925946000
pragma: no-cache
origin: https://video3446.grooveblog.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://video3446.grooveblog.com/?v=4
Origin: https://video3446.grooveblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
etag: W/"61728831-81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6a24a7dceda9f923-MXP
expires: Fri, 22 Oct 2021 22:05:46 GMT

GET
H2 200 style.css
video3446.grooveblog.com/css/ 11 KB
2 KB 32ms
32ms Stylesheet
text/css 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/css/style.css?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f65445eada0a4eb45baa9aaa572982ce7c907dd098e866daf6cf3b301fcf44

Request headers

:path: /css/style.css?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
age: 1212
etag: W/"61728831-2ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 6a24a7de6f7df923-MXP
expires: Fri, 22 Oct 2021 22:05:46 GMT

GET
H2 200 blogpostlist.json Show response
video3446.grooveblog.com/json/ 7 KB
1 KB 245ms
245ms Fetch
text/plain 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/json/blogpostlist.json?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adcc462cfb07093f7ce07d68b9a6c004c5a273f292f138a2811d17f777be8027

Request headers

:path: /json/blogpostlist.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:20 GMT
server: cloudflare
etag: W/"61728830-1afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a24a7de6f80f923-MXP
expires: Fri, 22 Oct 2021 19:05:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
588 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito&display=swap

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/css/style.css?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 16:17:36 GMT
server: ESF
date: Fri, 22 Oct 2021 18:05:46 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 22 Oct 2021 18:05:46 GMT

GET
H2 200 setting.json Show response
video3446.grooveblog.com/json/ 996 B
696 B 228ms
227ms Fetch
text/plain 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/json/setting.json?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0993948f76f9b7143450a40962b280ecf3f27450c06af5a13d1a0768ff9cb171

Request headers

:path: /json/setting.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
etag: W/"61728831-3e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a24a7dfe98ef923-MXP
expires: Fri, 22 Oct 2021 19:05:47 GMT

GET
H2 200 navigations.json Show response
video3446.grooveblog.com/json/ 1 KB
361 B 227ms
226ms Fetch
text/plain 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/json/navigations.json?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5ad6c3fb2d2b5b008a746dbe9328dffc39905d3cdc9e0e4ef3ce56ea2b5ab7

Request headers

:path: /json/navigations.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
etag: W/"61728831-4bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a24a7e15b3bf923-MXP
expires: Fri, 22 Oct 2021 19:05:47 GMT

GET
H2 200 categories.json Show response
video3446.grooveblog.com/json/ 1 KB
371 B 228ms
228ms Fetch
text/plain 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/json/categories.json?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d258f0d3f2ac658f42ecda0d26693398ddf51ed8921070f51ece4fe97cd1b963

Request headers

:path: /json/categories.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
etag: W/"61728831-415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a24a7e2dd1af923-MXP
expires: Fri, 22 Oct 2021 19:05:47 GMT

GET
H2 200 header.html Show response
video3446.grooveblog.com/templates/ 2 KB
793 B 224ms
224ms Fetch
text/html 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/templates/header.html?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f47045dc97d9cff6626bc48248cdb9a778351a7c69d709dcf1004fbbd68b8e4f

Request headers

:path: /templates/header.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a24a7e44edaf923-MXP
expires: Fri, 22 Oct 2021 19:05:47 GMT

GET
H2 200 wCOStwT.png
i.imgur.com/ 9 KB
9 KB 493ms
10ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/wCOStwT.png

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:48 GMT
x-content-type-options: nosniff
age: 645492
x-cache: HIT, HIT
content-length: 9180
x-served-by: cache-bwi5173-BWI, cache-fra19146-FRA
last-modified: Mon, 08 Mar 2021 04:50:40 GMT
server: cat factory 1.0
x-timer: S1634925948.150716,VS0,VE1
etag: "168c57cb0a4861565d8db5b896f40218"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 /
whos.amung.us/pingjs/ 27 B
27 B 606ms
124ms Image
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=wason01&t=%F0%9F%94%A5wason01%F0%9F%94%A5&x=chrome%3A%2F%2Fversion
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.214 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:48 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ 1 KB
2 KB 489ms
9ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: wnYf59tRvaa0d5ftP1XvQBYccpvgE05lhliXTMNftjXa+nrbNHVsLnmD0VTAeoJLFkgna0GTB8AqC5jxfPp5LQ==
x-fb-trip-id: 917726464
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: zS7nNbuF+qoavNDFbgWDdA==
date: Fri, 22 Oct 2021 18:05:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1307
x-fb-rlafr: 0
expires: Wed, 12 Oct 2022 05:25:46 GMT

GET
H2 200 lqbz1hqlAFx.png
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ 1 KB
2 KB 489ms
9ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lqbz1hqlAFx.png

Requested by

Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fd58536eb089f2060e86f14e60ef83f68169fbe34d95f8cdc2ad60abe4bb8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:48 GMT
x-content-type-options: nosniff
content-md5: 8kNJ+LeRDyhmr8oF+ZZjoQ==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1364
x-fb-rlafr: 0
x-fb-debug: FEG6oJrObukPvHMTTUC1C9LpRUS/yzNN28u76s6hn0wTOyAUAfNENDp3S87mCh/KZANQUkCuPBVVsV2cZUV96Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 15 Oct 2022 11:49:02 GMT

GET
H2 200 footer.html Show response
video3446.grooveblog.com/templates/ 1 KB
601 B 128ms
128ms Fetch
text/html 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/templates/footer.html?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ad62307622987a14baad415c0ad1177a249376da5c1e3de69dbe35b6ddda3e

Request headers

:path: /templates/footer.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a24a7e7fc08f923-MXP
expires: Fri, 22 Oct 2021 19:05:48 GMT

GET
H2 200 layout.html Show response
video3446.grooveblog.com/templates/ 187 B
212 B 141ms
141ms Fetch
text/html 2606:4700::6812:e03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video3446.grooveblog.com/templates/layout.html?v=4
Requested by: Host: video3446.grooveblog.com
URL: https://video3446.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9658b60811d5756d78f29b953dff0616d10276ad5d5d176e6f701e036c265d3e

Request headers

:path: /templates/layout.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video3446.grooveblog.com
referer: https://video3446.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video3446.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0 ; Win64 ; x64) AppleWebKit/537.36 (KHTML, comme Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 18:05:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 09:45:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a24a7e8cd5af923-MXP
expires: Fri, 22 Oct 2021 19:05:48 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bpr.xyz
cdnjs.cloudflare.com
cqo.be
fonts.googleapis.com
i.imgur.com
ka-f.fontawesome.com
kit.fontawesome.com
static.xx.fbcdn.net
unpkg.com
video3446.grooveblog.com
whos.amung.us
151.101.12.193
2606:4700:3035::6815:161a
2606:4700:3037::ac43:a12f
2606:4700:3037::ac43:dafe
2606:4700::6810:125e
2606:4700::6810:7baf
2606:4700::6812:1734
2606:4700::6812:e03
2a00:1450:4001:808::200a
2a03:2880:f02d:12:face:b00c:0:3
67.202.114.214
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
0993948f76f9b7143450a40962b280ecf3f27450c06af5a13d1a0768ff9cb171
0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784
0fd58536eb089f2060e86f14e60ef83f68169fbe34d95f8cdc2ad60abe4bb8c9
10f65445eada0a4eb45baa9aaa572982ce7c907dd098e866daf6cf3b301fcf44
2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f
25ad62307622987a14baad415c0ad1177a249376da5c1e3de69dbe35b6ddda3e
452b32f99948d551d5c7b6c6a5e4ddb8935e6413d2755c4e2cfe09aba75ff68d
64faecb3252d8ceb331f6942b83f288c37210f5350a3a7a3b52f6c16e8471cc6
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404
9658b60811d5756d78f29b953dff0616d10276ad5d5d176e6f701e036c265d3e
adcc462cfb07093f7ce07d68b9a6c004c5a273f292f138a2811d17f777be8027
b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69
bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061
beb3786141808cd77d5b8c076a6ec78804558a92452d087a2f084ef69e5e4453
bef561f912604eb47ec5a3697da4c7f2811f58a7dd485742c56fa800e5a02406
c9bcb14eb9a8f58d76f9ce83393c299c1e3a06169e6990b9c8cd4e0ef70e53aa
d258f0d3f2ac658f42ecda0d26693398ddf51ed8921070f51ece4fe97cd1b963
de5ad6c3fb2d2b5b008a746dbe9328dffc39905d3cdc9e0e4ef3ce56ea2b5ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f47045dc97d9cff6626bc48248cdb9a778351a7c69d709dcf1004fbbd68b8e4f
f87d6b287a054c081b661f8460089dd02a69f5f31ec051ac36f11d6c54d0154a
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

video3446.grooveblog.com Open in urlscan Pro 2606:4700::6812:e03 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

26 Requests

100 %HTTPS

82 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

233 kBTransfer

2209 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

video3446.grooveblog.com Open in urlscan Pro
2606:4700::6812:e03 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

233 kB
Transfer

2209 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!