convenientcovidtesting.com Open in urlscan Pro
2606:4700:3034::6815:4c1d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://convenientcovidtesting.com/
Effective URL:
https://convenientcovidtesting.com/
Submission Tags: falconsandbox
Submission: On November 11 via api (November 11th 2021, 1:51:50 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 51 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3034::6815:4c1d, located in United States and belongs to CLOUDFLARENET, US. The main domain is convenientcovidtesting.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 9th 2021. Valid for: a year.

This is the only time convenientcovidtesting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3034::6815:4c1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3035::6815:856	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3030::6815:5183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	51.161.92.183 51.161.92.183	16276 (OVH) (OVH)
17	2606:4700::68... 2606:4700::6812:15b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:8a00:b:d801:7900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3034::ac43:d90a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:c0e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	54.216.252.255 54.216.252.255	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	52.70.96.75 52.70.96.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	13.32.99.103 13.32.99.103	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	34.255.68.26 34.255.68.26	16509 (AMAZON-02) (AMAZON-02)
1	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
3 4	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	3.124.225.84 3.124.225.84	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.246.6.154 54.246.6.154	16509 (AMAZON-02) (AMAZON-02)
1	54.93.151.69 54.93.151.69	16509 (AMAZON-02) (AMAZON-02)
1 2	54.72.237.47 54.72.237.47	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	54.84.59.211 54.84.59.211	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:2c20:3113:5c28:1366	14618 (AMAZON-AES) (AMAZON-AES)
1	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
1	54.173.185.122 54.173.185.122	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.184.201.8 18.184.201.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:542e:84b1:1361:c28e	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
116	54

2 2606:4700:3034::6815:4c1d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

convenientcovidtesting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::6815:856 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:5183 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.161.92.183 (Dorval, Canada)

ASN16276 (OVH, FR)
PTR: ip183.ip-51-161-92.net

matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:15b4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:8a00:b:d801:7900:93a1 (United States)

ASN16509 (AMAZON-02, US)

widget.groovevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.groovevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:d90a (United States)

ASN13335 (CLOUDFLARENET, US)

v1.gdapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c0e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.groovefunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.productstash.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.252.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-252-255.eu-west-1.compute.amazonaws.com

api.loopedin.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.70.96.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-96-75.compute-1.amazonaws.com

175592.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-103.fra60.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.68.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.216 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.225.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-225-84.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.6.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-6-154.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.151.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-151-69.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.237.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-237-47.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.59.211 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-59-211.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.185.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-185-122.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.201.8 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-201-8.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:542e:84b1:1361:c28e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	grooveapps.com assets.grooveapps.com	3 MB
10	criteo.com 4 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	16 KB
10	groove.cm app.groove.cm	3 MB
5	yahoo.com sp.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	3 KB
5	hyros.com 175592.tracking.hyros.com	18 KB
5	groovetech.io matomo.groovetech.io	65 KB
5	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	37 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	cloudflare.com cdnjs.cloudflare.com	126 KB
4	googleapis.com fonts.googleapis.com	411 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	2 KB
3	bidswitch.net 1 redirects x.bidswitch.net	1 KB
3	helpscout.net beacon-v2.helpscout.net	260 KB
3	bing.com bat.bing.com	11 KB
3	loopedin.io api.loopedin.io	3 KB
3	gdapis.com v1.gdapis.com	2 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com cdn.stickyadstv.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	713 B
2	360yield.com 1 redirects ad.360yield.com	854 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	3lift.com 1 redirects eb2.3lift.com	734 B
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
2	yimg.com s.yimg.com	7 KB
2	youtube.com www.youtube.com	48 KB
2	googletagmanager.com www.googletagmanager.com	129 KB
2	productstash.io cdn.productstash.io	8 KB
2	groovevideo.com widget.groovevideo.com videos.groovevideo.com	308 KB
2	convenientcovidtesting.com 1 redirects convenientcovidtesting.com	31 KB
1	turn.com 1 redirects d.turn.com	418 B
1	tremorhub.com criteo-partners.tremorhub.com	183 B
1	postrelease.com jadserve.postrelease.com	428 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	taboola.com sync-t1.taboola.com	230 B
1	sharethrough.com match.sharethrough.com	262 B
1	revcontent.com trends.revcontent.com	336 B
1	teads.tv criteo-sync.teads.tv	172 B
1	media.net contextual.media.net	785 B
1	pubmatic.com simage2.pubmatic.com	681 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	addthis.com cw.addthis.com	427 B
1	outbrain.com sync.outbrain.com	476 B
1	mgid.com cm.mgid.com	813 B
1	rlcdn.com idsync.rlcdn.com	417 B
1	google.de www.google.de	548 B
1	google.com www.google.com	548 B
1	criteo.net static.criteo.net	14 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	groovefunnels.com 1 redirects app.groovefunnels.com	665 B
1	gstatic.com fonts.gstatic.com	13 KB
116	51

	Domain	Requested by
17	assets.grooveapps.com	convenientcovidtesting.com
10	app.groove.cm	convenientcovidtesting.com widget.groovevideo.com app.groove.cm
5	175592.tracking.hyros.com	convenientcovidtesting.com 175592.tracking.hyros.com
5	matomo.groovetech.io	convenientcovidtesting.com app.groove.cm
4	secure.adnxs.com	3 redirects convenientcovidtesting.com
4	gum.criteo.com	3 redirects static.criteo.net
4	cdnjs.cloudflare.com	app.groove.cm
4	ka-f.fontawesome.com	kit.fontawesome.com convenientcovidtesting.com
4	fonts.googleapis.com	convenientcovidtesting.com app.groove.cm
3	x.bidswitch.net	1 redirects convenientcovidtesting.com
3	dis.criteo.com	convenientcovidtesting.com
3	beacon-v2.helpscout.net	app.groove.cm beacon-v2.helpscout.net
3	bat.bing.com	convenientcovidtesting.com bat.bing.com app.groove.cm
3	api.loopedin.io	cdn.productstash.io
3	v1.gdapis.com	widget.groovevideo.com app.groove.cm
2	pixel.advertising.com	2 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects convenientcovidtesting.com
2	r.casalemedia.com	1 redirects convenientcovidtesting.com
2	eb2.3lift.com	1 redirects convenientcovidtesting.com
2	ups.analytics.yahoo.com	convenientcovidtesting.com
2	partner.mediawallahscript.com	1 redirects convenientcovidtesting.com
2	sp.analytics.yahoo.com	app.groove.cm convenientcovidtesting.com
2	s.yimg.com	convenientcovidtesting.com s.yimg.com
2	www.youtube.com	app.groove.cm www.youtube.com
2	www.googletagmanager.com	app.groove.cm www.googletagmanager.com
2	cdn.productstash.io	app.groove.cm
2	convenientcovidtesting.com	1 redirects
1	videos.groovevideo.com	convenientcovidtesting.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com	convenientcovidtesting.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com	convenientcovidtesting.com
1	jadserve.postrelease.com	convenientcovidtesting.com
1	rtb-csync.smartadserver.com	convenientcovidtesting.com
1	i6.liadm.com	convenientcovidtesting.com
1	sync-t1.taboola.com	convenientcovidtesting.com
1	match.sharethrough.com	convenientcovidtesting.com
1	trends.revcontent.com	convenientcovidtesting.com
1	criteo-sync.teads.tv	convenientcovidtesting.com
1	contextual.media.net	convenientcovidtesting.com
1	simage2.pubmatic.com	convenientcovidtesting.com
1	pixel.rubiconproject.com	convenientcovidtesting.com
1	cw.addthis.com	convenientcovidtesting.com
1	sync.outbrain.com	convenientcovidtesting.com
1	ads.yahoo.com	convenientcovidtesting.com
1	cm.mgid.com	convenientcovidtesting.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	convenientcovidtesting.com
1	widget.us.criteo.com	app.groove.cm
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	app.groove.cm
1	www.google.de	app.groove.cm
1	www.google.com	app.groove.cm
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.criteo.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	app.groovefunnels.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	widget.groovevideo.com	convenientcovidtesting.com
1	kit.fontawesome.com	convenientcovidtesting.com
116	62

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-09` - `2022-11-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.groovetech.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-18` - `2022-08-18`	a year	crt.sh
videos.groovevideo.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
cdn.productstash.io R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
api.loopedin.io R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
tracking.hyros.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.helpscout.net Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://convenientcovidtesting.com/
Frame ID: 03C55AE38C2104C06B76A9B2CB5D46F3
Requests: 34 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Frame ID: 6AD7CEE00FEBD32ADB1D3372F2BC6879
Requests: 47 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=convenientcovidtesting.com&origin=onetag
Frame ID: 949EB3793EA6A64F8F0EA3D57C82FFC8
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=4LtEPljpawjcl6rP8J47xfGhYh9oI344
Frame ID: FF1C5730241385FE94A31F4BC68F96C1
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Convenient Covid Testing

Page URL History Show full URLs

http://convenientcovidtesting.com/ HTTP 301
https://convenientcovidtesting.com/ Page URL

Page Statistics

116
Requests

85 %
HTTPS

42 %
IPv6

51
Domains

62
Subdomains

54
IPs

8
Countries

7042 kB
Transfer

19363 kB
Size

58
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://convenientcovidtesting.com/ HTTP 301
https://convenientcovidtesting.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://app.groovefunnels.com/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG HTTP 302
https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Request Chain 74

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=convenientcovidtesting.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kmYhoXxVRk5oSElQTzltWWFLNnhZMU4zR2hIalhMOGNCTmQ0NXNLOGJRY0NJZXZyRm9tRmtYSExsZzEwSGMyYTVDNmMvR2ErQXFtSUFTS1FHKzQvUUNOeUpUVXpGRXpDb3B3MFNWeUcrbHB6d2UrVjlMN0c5SERHckNVZ25lejNXb0M5OVEzdTB1eXBSYUp5aG5OWVQzcFdmRlR3WWNXc1BCdExpSmlwaGd6dWVteDBndlFudXQ4S3RWZ1ZveEFEN0RGa2hQeW1lUlhGNGsvT0FNTDlZY3JrUVY5eENlcUpOWVNmVmpqRkMzRFdFLzQwLzJEdTNqcnd4a3NHdTNBeVFzbjhkc0gxZDg4bm9UaVhyT2JHeHRuVTVEdlJteGlDbnZTWjl3YVhBbVphbGhVVWVBOUJ3a2UwVFRQNnAyY1Q1RklORnw&cppv=2

Request Chain 75

https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwamxjSUZxdTROUHk4YWpuNlJ3amR1Z0w1ZiUyRm9uWW1JOFE5bmVMbEJlR0lmSiUyQjN0cEppRWJyd0xaTk82M2FKdzRHNXFSaUx4bUdkdEpGT29xaWFhdVllYU9EV0djOXBQdTRRaTdzSjZNZVhxUVJqNUFnbkhFYml0MFFGZ25XQW9WMWJxZnNjcGV2cWRmV0klMkJDQjdQanA5amp4OVh5NjN6cDJTQTglM0Q&tld=app.groove.cm&dtycbr=98512 HTTP 302
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwamxjSUZxdTROUHk4YWpuNlJ3amR1Z0w1ZiUyRm9uWW1JOFE5bmVMbEJlR0lmSiUyQjN0cEppRWJyd0xaTk82M2FKdzRHNXFSaUx4bUdkdEpGT29xaWFhdVllYU9EV0djOXBQdTRRaTdzSjZNZVhxUVJqNUFnbkhFYml0MFFGZ25XQW9WMWJxZnNjcGV2cWRmV0klMkJDQjdQanA5amp4OVh5NjN6cDJTQTglM0Q&tld=app.groove.cm&dtycbr=98512

Request Chain 79

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=4LtEPljpawjcl6rP8J47xfGhYh9oI344

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1TYW5lcmZkdjVQSEFxekg5a0RMdU0yNUJGaGhBelIwZlFrLXNHUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 81

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom=&tag_format=img&tag_action=sync&custom=&cb=0fb14a14-dc2d-4ec7-9580-f88aa3626764 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0fb14a14-dc2d-4ec7-9580-f88aa3626764&final=true&reqid=82638130-42f6-11ec-81b6-8b84d996e1bf&timestamp=2021-11-11T13%3A51%3A45.860Z

Request Chain 87

https://secure.adnxs.com/setuid?entity=52&code=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A%26seg%3D95287

Request Chain 88

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5

Request Chain 92

https://eb2.3lift.com/xuid?mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 93

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ&C=1

Request Chain 98

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg

Request Chain 100

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg&_li_chk=true&previous_uuid=5db7e2525adb4a28880e586366cc2515 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg

Request Chain 103

https://pixel.advertising.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&apid=UP826fdd90-42f6-11ec-8d3e-02431aa5aea6

Request Chain 105

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6kf-Jfdv5PHAqzH9kDLuM25BFhgPgJe9SG725Q&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 110

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1073911879336673956

Request Chain 111

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/eGummWCr0uicyrfHzoScUNy01UYE0nXr/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2887159548728553375

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
convenientcovidtesting.com/
Redirect Chain

http://convenientcovidtesting.com/
https://convenientcovidtesting.com/

526 KB
30 KB

232ms
212ms

Document
text/html

2606:4700:3034::6815:4c1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4c1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96dae7ce864f50fae8653e108c5f0a08d112f8521f7d16691ae400b346a643b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-type: text/html
last-modified: Wed, 10 Nov 2021 16:19:19 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNgAUXrPtuiCM64q4vXjMTmEmAfQRP8sWWZsiy0DVke3Gb31cRqAkNfyq5Qd%2FyQ55aGvQnG1Zvl1WJiDsKJzMe0%2FysVeAs8DbxgtYmcIoFnPcDkCYjrIwc4NGM%2B5ngo3pZsiYMVwkwpESWSX6fNNFza%2B3cauAzhdSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac7ff3689e1d6bd-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 11 Nov 2021 13:51:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 11 Nov 2021 14:51:43 GMT
Location: https://convenientcovidtesting.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj8bgUyWqU4GO42oKsL1BgkRGzvJCt6K%2BQn0vfAHH1JvA6uVF2ANUE3RiZI4yjaMBq6WV3rn8oDjLzV3KhccDSayrUO1gQAUU2TxWt%2BZVyq7qlWXbCRcsFflxBtfAjyCS9fhHIPBbHB1dL1wzFRy9X7lRJrbgXBZKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac7ff363e3005cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 713 KB
137 KB 69ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3269946a9744042e1466aca934fac6d44c1b567fd420d348ef256d69ccdec4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 13:51:43 GMT
server: ESF
date: Thu, 11 Nov 2021 13:51:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 13:51:43 GMT

GET
H2 200 inpage_published.css
app.groove.cm/groovepages/css/ 362 KB
52 KB 50ms
22ms Stylesheet
text/css 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:22:59 GMT
server: cloudflare
age: 6119
etag: W/"618ce0f3-5a968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LseJM5K%2BHlJzmY9ZgMTTlhEWLLBZzw5g1%2F0L0ZbLMzfqmOb6WkYBl5cnKGK7b3Ld1qAOF1hX2r0zYcqUFupfBNxi6Bj4VEUWLzvoewVPsmqt0JhOPMUKWl7onRJoJh09JtE8N2NhtZ036Y7u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff381aef5bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.css
app.groove.cm/groovepages/css/ 0
0 61ms
34ms Stylesheet
text/html 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 62ms
43ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://convenientcovidtesting.com/
Origin: https://convenientcovidtesting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6ac7ff3809ab4e31-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FrYGQQPAtapMetgWkSTB

GET
H2 200 css2
fonts.googleapis.com/ 694 KB
136 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6e2332041c94375e83950471b387ea1dc291f2696c8842b65069f623901c514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 13:51:43 GMT
server: ESF
date: Thu, 11 Nov 2021 13:51:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 13:51:43 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 49ms
32ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoMk2qDpGKD%2FZq5P01jb4ija1tc97fcy8kPtQd8YYh9Olv%2FQ3fWjb2zHU1BR6pmWwvw2EJkB2tUIE63XG3ltqpTIfNwt1SyW%2BojKRqYJRO6DZqlXdDWGNIB3ZXt1WWHmdxJyMy1QTnzmw0cbXOkxFkMarw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ac7ff3948c82c2a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RgC94gFPpyPmnZMw-QLVf6MI_-Piv6xWmEf1wSiFM1_O86ZB-Rve9Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 46ms
28ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRX3%2FpgDnLA6YATA4K4Pj08UE4bqzfFDuxeM1oja%2FKxhuNoBqFe9CJvOPA7ZqLXJYHrITXQ0VVvrCfLC5ep2UQhu1ZB8G%2B2XIcVppi%2B1B3HgHrjQ6A5r0ZAXsWysTjOYnzPrp3EcjKC2Y8v8ToXU5Q0mSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ac7ff3948cb2c2a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: t2PUE0PveNt7IQhqrND4PFWnX_1BTE1XpF_NTRX5AqbY5SmXY_4_Aw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 85ms
68ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqkZJKTOzOAXmedRqr0ieEZa15O2YHA6KEIDVu3UTP78xyDqngaXyaz74UlHzbZAKi04pr71TnhOysI61dW%2BsIXYHcgcV13Uvv6%2BMpew8TyH1KoBktCUIbgXFDHRfJEltrB9AvFb8vq3xuMpOJPrQ1jGdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ac7ff3948cf2c2a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 70va58-7FfpQ2_YbsdHPxN1-ee-9MRr-nmi104QRpdaJHOR9zzMEIg==

GET
H/1.1 200
OK matomo.js Show response
matomo.groovetech.io/ 100 KB
32 KB 415ms
185ms Script
application/javascript 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Dorval, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 /
Resource Hash: 68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 21:11:02 GMT
server: nginx/1.19.2
etag: "19167-5aafa0f820d0f-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 32444

GET
H2 200 1636478280_IMG_7417(1).jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 303 KB
304 KB 393ms
360ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636478280_IMG_7417(1).jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1cd13d5ad970e3b342931c9149cd2fc8cb5e53f357891525a195cab691c859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdvE2K9ndlK7FC78xN24Xe4cKCS0zJqo9j9qmf-O7M4bxM1lT8721ntg9TUYCP8NXYTAdPy4M-V_n31OBJE2eislH1eCWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 310621
last-modified: Tue, 09 Nov 2021 17:18:00 GMT
server: cloudflare
etag: "3b5bd9365c438afe2474c020a36f900a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=2cT9Mg==, md5=O1vZNlxDiv4kdMAgo2+QCg==
x-goog-generation: 1636478280633139
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 310621
accept-ranges: bytes
cf-ray: 6ac7ff3ade0e062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636482604_378-3784956_veteran-owned-business-logo-vector-veteran-owned-business.png
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 81 KB
81 KB 387ms
354ms Image
image/png 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636482604_378-3784956_veteran-owned-business-logo-vector-veteran-owned-business.png?update=2
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5643b5129482fb1cabce7eba987433823148b450c5fcc7703647c55ca17edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdu4Q-2I7H025ZElxnBzpT4QlbUFWRpSsoegCZAbhxg8Uc4uQuLVZ_w_PQasIRYR46umY_efvaAo3Me0tP-7a9bQP73ryQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 82468
last-modified: Tue, 09 Nov 2021 18:30:12 GMT
server: cloudflare
etag: "ce9a200ef902f7d5f45b70ebe5ce569b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=myVNNA==, md5=zpogDvkC99X0W3Dr5c5Wmw==
x-goog-generation: 1636482612386766
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 82468
accept-ranges: bytes
cf-ray: 6ac7ff3ade13062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 groovemail-lib.web.js Show response
assets.grooveapps.com/plugins/ 74 KB
23 KB 173ms
141ms Script
application/javascript 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/groovemail-lib.web.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae97d7481cbcc86896bb517565e034033a25ceed60cfe93096f3517ac124af2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsyuQ7EyP73_Vc0MTWXnSQAUPfyULlB6iU8jOJ-GN8BeiYHq4YxZaFR5ORNNFMxq-RMBBCLGCk5bsk1bcfDqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 15 Sep 2021 18:49:09 GMT
server: cloudflare
etag: W/"6856c8e60abc3af6dc0b1b18fc25e14d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=nbWtLQ==, md5=aFbI5gq8OvbcCxsY/CXhTQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1631731749727385
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 75265
cf-ray: 6ac7ff3ade11062d-FRA
expires: Fri, 11 Nov 2022 13:51:43 GMT

GET
H2 200 1636479494_Covid-test-1024x576.png
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 150 KB
151 KB 412ms
380ms Image
image/png 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636479494_Covid-test-1024x576.png
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610d206e9ade60d892a0e3c5cca5c97684ce6899f845da9e6c381ebe4a40cf6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdu5CAtz9UZFGBq1JxtNPveJd7TQKBXqsC1E8j41kYLQlPEN2x4eIK2C_xCpR9voBnbFl69zleeubpfSm1-NtkxObZJmaA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 153644
last-modified: Tue, 09 Nov 2021 17:38:14 GMT
server: cloudflare
etag: "908a0a0649336137ff15a313902f79f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=GAt5Ig==, md5=kIoKBkkzYTf/FaMTkC958Q==
x-goog-generation: 1636479494910629
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 153644
accept-ranges: bytes
cf-ray: 6ac7ff3ade14062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636482685_hippa.png
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 25 KB
25 KB 568ms
536ms Image
image/png 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636482685_hippa.png
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa2d31e507c20a51d4bee8ab76aa86abf82ca9e7f4f7ee9cac4eff9e9111214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdsC3A4ytIYHSUUO8gIkktCT6GWUsjiu5gJdF2NgFrpeXXyGNTV_OUCFbmAaL4q17ZUPErXXiVRd82kvdaytSaT3c4-h_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 25331
last-modified: Tue, 09 Nov 2021 18:31:26 GMT
server: cloudflare
etag: "32604d03c3cae0649acc177e1c901876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=tB73nA==, md5=MmBNA8PK4GSazBd+HJAYdg==
x-goog-generation: 1636482686008485
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 25331
accept-ranges: bytes
cf-ray: 6ac7ff3ade15062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636479236_Screenshot_20211105-074415_Chrome.jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 108 KB
109 KB 415ms
383ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636479236_Screenshot_20211105-074415_Chrome.jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb7d8c1c852ef4bbe847a78f948b1d443bb32eeeb6430a943102dae10300b188

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycds8BHUVfWkiTJlqPl8knYurGrwLQeYjxifFTR-JWNk0-J3_kOTbyfT6nrfOV-uSZWIFZNsoKCJgkPJ5GoUQM5xg2HtJYg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 110614
last-modified: Tue, 09 Nov 2021 17:33:56 GMT
server: cloudflare
etag: "5a136064e81e537a159dbbadb4af0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=teLAyQ==, md5=WhNgZOgeU3oVnbuttK8OAA==
x-goog-generation: 1636479236642591
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 110614
accept-ranges: bytes
cf-ray: 6ac7ff3ade16062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636479861_FB_IMG_1636114711754.jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 49 KB
49 KB 634ms
633ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636479861_FB_IMG_1636114711754.jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbde4353cc29c010797e86b669a5f83ee4b61fd762078e29f94a08b5a020f2aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdviDm4DhS_1ScTgw_UTP2xgNTCDQhOpsRTO4ir_JsQzrje-EhFBAGzQjsJQO0mukGLAuNSIKnDRoXF34iQHY9NZ9VvEuw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 50067
last-modified: Tue, 09 Nov 2021 17:44:21 GMT
server: cloudflare
etag: "d00a3c8637426722a9554e16f3a9f2e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=7meT8Q==, md5=0Ao8hjdCZyKpVU4W86ny5Q==
x-goog-generation: 1636479861967064
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 50067
accept-ranges: bytes
cf-ray: 6ac7ff3ade19062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636479918_Screenshot_20211105-074525_Chrome.jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 114 KB
114 KB 375ms
374ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636479918_Screenshot_20211105-074525_Chrome.jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 723bba2291d88812c496902bc36915788b8076220d0e2fe1f698eada782dac37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycduC8ySBc6vJFQxH4mde9tyJqm7WoK-u-0V8s1lMLs95LkwUz5wnjBo9N6iJyP_VKkmlEmshmy3ABkEGy_NLc0JtXgdJWA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 116298
last-modified: Tue, 09 Nov 2021 17:45:18 GMT
server: cloudflare
etag: "fe715a4bf9eba526740308647c7029d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=PVvLFw==, md5=/nFaS/nrpSZ0AwhkfHAp1g==
x-goog-generation: 1636479918857637
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 116298
accept-ranges: bytes
cf-ray: 6ac7ff3ade1a062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 app.js Show response
widget.groovevideo.com/widget/ 308 KB
308 KB 59ms
10ms Script
application/javascript 2600:9000:223d:8a00:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.groovevideo.com/widget/app.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8a00:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7518a7a99a478dbdc3d20124309f0f5c0d4362a3049270b1914648bdc59f5339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 08:55:20 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
last-modified: Sun, 10 Jan 2021 06:08:26 GMT
server: AmazonS3
age: 18382
etag: "d60d1cc82997d66a45cf4e61717e6d3b"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 315153
x-amz-cf-id: h3LqunpgZtaxYoDOCmkFX4OmNSJ4yAtJBfuXnAJaqcWh4N01AfqnHA==

GET
H2 200 1636494088_unnamed%20(2).jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 97 KB
98 KB 343ms
342ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636494088_unnamed%20(2).jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2041224a92f528f370b91e355bc02659c0e6307a115536c616afd8ed2a69b3de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycds_IqeJJ81tJIJm9KMZHAsyZuow86hY1TyJBjbBXipQX-MkmhCtFDIrh1gZDyt1iiCk0PBRio8FDe6J3W0CY0Sbay2Dew
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 99833
last-modified: Tue, 09 Nov 2021 21:41:29 GMT
server: cloudflare
etag: "49859bd07a4ecbf421e1c9b0cf88c33e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Z6LGkQ==, md5=SYWb0HpOy/Qh4cmwz4jDPg==
x-goog-generation: 1636494089053777
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 99833
accept-ranges: bytes
cf-ray: 6ac7ff3ade1c062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636494122_unnamed%20(3).jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 90 KB
90 KB 482ms
481ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636494122_unnamed%20(3).jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ce956f96b82418416aeaca025b916cc64dfc2e9aa283efc11661185ea389bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdtfm1Zu6iSfdHCUOIDhOCYVVE-iMI5DiiWL1McSZUrc5htI0dRbJKN_PJTGVgrU7X_0zXJYdNzIolLcokKPTpvDlJYCGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 92205
last-modified: Tue, 09 Nov 2021 21:42:02 GMT
server: cloudflare
etag: "f90c5de8acfdc4efca99638ea35bf158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RyLUgA==, md5=+Qxd6Kz9xO/KmWOOo1vxWA==
x-goog-generation: 1636494122695853
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 92205
accept-ranges: bytes
cf-ray: 6ac7ff3ade1d062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636494174_unnamed%20(4).jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 267 KB
268 KB 167ms
166ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636494174_unnamed%20(4).jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec1d694ca0dfaaaa1ebc35e76d2909a61b9dc50f07d4504a6046448657a846cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdvvYokvh1LaBWrLiEBAzuFGt80Mu-D2DaDfeXCC77gw7yoaeymXOvlEZBdLBeOh-EFfOE0r2Zu6h4rwMJRqVg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 273591
last-modified: Tue, 09 Nov 2021 21:42:55 GMT
server: cloudflare
etag: "34c1659eec0de1d363fd15cf3d181a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=1L9EsQ==, md5=NMFlnuwN4dNj/RXPPRgaGw==
x-goog-generation: 1636494175019142
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 273591
accept-ranges: bytes
cf-ray: 6ac7ff3ade1f062d-FRA
expires: Thu, 11 Nov 2021 17:51:43 GMT

GET
H2 200 carousel-lib.web.js Show response
assets.grooveapps.com/plugins/ 20 KB
7 KB 155ms
153ms Script
application/javascript 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/carousel-lib.web.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1e8569f7f8c36c25ffec9a1cb61d3e3a36b7dcb05f8ac8a6b6e98afb141a90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtU8DNgRWltvVvn2iT99teYqDhcCtDNR2LJHLDCzeRq5ekaubsn9a80HeW4bzIt9iyQ8spYT4ChsxoKZBT0WC7IacnFBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 15 Sep 2021 18:49:05 GMT
server: cloudflare
etag: W/"1d62de2f01933fbc6530c0ac8a450298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=BP2grw==, md5=HWLeLwGTP7xlMMCsikUCmA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1631731745139203
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 20727
cf-ray: 6ac7ff3ade17062d-FRA
expires: Fri, 11 Nov 2022 13:51:43 GMT

GET
H2 200 1636481248_download%20(2).jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 84 KB
84 KB 498ms
497ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636481248_download%20(2).jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66addb120b9f9171f92fff1d98b858b08edb2a508f086ff6340e9c30fad6d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdtJ2jHH6K-MjawWmdFqv2eG4oYdB_A7XLeehJCIETlTNgVpbw3OD67LeSW7jCutCFrQsNK0cznqcmrNGNxWJ7klxasiYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 85549
last-modified: Tue, 09 Nov 2021 18:07:28 GMT
server: cloudflare
etag: "6e957e2df9ddc3fe86e1b851de8dfa1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Rc7JiA==, md5=bpV+Lfndw/6G4bhR3o36HA==
x-goog-generation: 1636481248417219
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 85549
accept-ranges: bytes
cf-ray: 6ac7ff3ade20062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 1636481952_happy-business-team-12940897.jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 64 KB
64 KB 560ms
559ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636481952_happy-business-team-12940897.jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde9bd71c581c978fab8309d26c38a4ae2e6ea65b9a9d2d5c3637bb4532dc880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdvdd3k1xXVS21ZPShvvji0e4vf804tZVWLUdLJWO7CB-GHN2FW5CUh_mpsA366enu95Ia4cWrGd3UEjtqnS-zrPn84-RA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 65215
last-modified: Tue, 09 Nov 2021 18:19:12 GMT
server: cloudflare
etag: "9a7d2cbedc03f7d668d35670673f04d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=60g5qw==, md5=mn0svtwD99Zo01ZwZz8E0w==
x-goog-generation: 1636481952334004
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 65215
accept-ranges: bytes
cf-ray: 6ac7ff3ade21062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 zapier-lib.web.js Show response
assets.grooveapps.com/plugins/ 73 KB
23 KB 165ms
164ms Script
application/javascript 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/zapier-lib.web.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8d2db88c6ff2f4cef6c0aca43b5913718cace7fbd0a6e65f017710fe8a5f32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdt9SNVga40sbm85a_OCFlszLCdkOOPe3hPwzI2F0RXaWa5kBNQIRlWh8dHt_IQejfYzxiaDVSCD63uwI1Bw90VEa9tG-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 15 Sep 2021 18:49:13 GMT
server: cloudflare
etag: W/"4cb93b2e7aa872ac4fd14bd77967c478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WcaR1w==, md5=TLk7LnqocqxP0UvXeWfEeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1631731753143657
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 75095
cf-ray: 6ac7ff3ade18062d-FRA
expires: Fri, 11 Nov 2022 13:51:43 GMT

GET
H2 200 inpage_published.js Show response
app.groove.cm/groovepages/js/ 71 KB
26 KB 24ms
23ms Script
application/javascript 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745feaeddbb7a1255116ee49493f811da2eac940ac5039c6b14b32e7a02df58a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:22:59 GMT
server: cloudflare
age: 6119
etag: W/"618ce0f3-11cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krhEWG5MGPQ4NNCM48CQyburuGDFA0MoNe%2FHQnj3VP31q0o7vWRjOChabuddRBQK%2FmYnYvUOmw9CbJpb5nWcuOGJnBm212jGwT%2Fx5WMyCRBnR4sVIRBq%2BsyY%2F8kwvl8joQ7aeo695tubqyIN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff3aa91a5bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.js Show response
app.groove.cm/groovepages/js/ 0
0 18ms
17ms Script
text/html 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 1636479072_covid19testinggraphic.jpg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 31 KB
32 KB 292ms
290ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636479072_covid19testinggraphic.jpg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ec2b4efde071dbe2439f80f707ca6428cc788978aab845a1f07f3a6fec4ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdvm8-D_pJc9AqU53UOUvMc-O6u2ni79P9K0b9rJ-8kRPNhPY1FbqlRxEQYuqV1wZYkLyS2RjXZOLg2xzptcv6HIYGtoQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 32245
last-modified: Tue, 09 Nov 2021 17:31:13 GMT
server: cloudflare
etag: "cee099825a65b3393efc6c16384fc1c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=pUTc3Q==, md5=zuCZglplszk+/GwWOE/ByA==
x-goog-generation: 1636479073250010
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 32245
accept-ranges: bytes
cf-ray: 6ac7ff3ade22062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
13 KB 37ms
37ms Font
font/woff2 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://convenientcovidtesting.com/
Origin: https://convenientcovidtesting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:43 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEgcNxFsWmrmxbOuKAIl8tGh0FIAgvp0Oa%2BdWN5k7NVEAPrG4sMfQQTTUaj9fDSOJttE%2FshfFHbtc9o7E3Esa4Qd%2FZpPJhc2zFNfHjgm2cZc3zcgKgJno5a5tcF4p%2BiLUeqMirFj8QuFX7C%2BXFFEractrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6ac7ff3aebf22c2a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 22rtCw49fid1_mQX1Ht2-iCvYCV1Z4yXuJ5CfZfaV4k6YZL0-mX-wA==

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v2/ 13 KB
13 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://convenientcovidtesting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:41:44 GMT
x-content-type-options: nosniff
age: 122999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13092
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 10 Nov 2022 03:41:44 GMT

GET
H2 200 Rgr1W1YifRD09SkEhiiG
v1.gdapis.com/api/groovevideo/generate-css/74638/ 374 B
822 B 357ms
330ms Stylesheet
text/css 2606:4700:3034::ac43:d90a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/generate-css/74638/Rgr1W1YifRD09SkEhiiG
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: a007b806acfa601cf195a2f213f73e8f09c00a9570cbb84c817f9c3b9ccbfd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCGEAXSDRcevQPq6YOVfroWPVV2Y1nfNnKRE4MIM1KQMQI4Tj1yUqsOBCFOHWQMFe3UNj8pP8nYjcMeHeqE%2FgRU2ORk0kjxFkHAieSBytCg%2F5dt5CA9GXuMRckQhHGxSkmE7ZKVWZ5Hr6CNt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-ratelimit-remaining: 599
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6ac7ff3c2ed9d6b1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

Rgr1W1YifRD09SkEhiiG Show response
app.groove.cm/groovevideo/video/74638/ Frame 6AD7
Redirect Chain

https://app.groovefunnels.com/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

5 KB
2 KB

210ms
210ms

Document
text/html

2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550f31893fe18b01638730252b67d5bc52d7b641bf803f409372e04ce909d28a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 11 Nov 2021 09:37:14 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meNHZ9F1FiXwRq2wldtpm9EeyCbu6XT3P%2BuzW9FxtzRSi335X2bc0KT6zWVxU%2F9BWzaA8%2FlDx4BzWpAb1sjmUzjEVwYKTl3lDu%2BBICMUIYGPY%2BdnKSELf2BTHX32GdtK25qHac3FF5fXQ4Bb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac7ff3c5d195bfd-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIDPRB0m9Ld1ADpNcOjy3NXGMKzpDoxAnDiACSstFGqWGllwfg303Z03zRiwmmL9Eig1c5ODjTokfcOhm4ha%2BaEXiYgR2Dz3hx7xygDeqcUt1rGkW7Vo9rzUBhPMmfqEt0ATwe0P4hz5knjcFMorZPr8JdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ac7ff3c3bc6c29a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK matomo.php
matomo.groovetech.io/ 43 B
217 B 118ms
118ms Image
image/gif 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matomo.groovetech.io/matomo.php?action_name=convenientcovidtesting.com%2FConvenient%20Covid%20Testing&idsite=4&rec=1&r=174617&h=13&m=51&s=44&url=https%3A%2F%2Fconvenientcovidtesting.com%2F&_id=bc898f3c00356e78&_idts=1636638704&_idvc=1&_idn=0&_refts=0&_viewts=1636638704&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=474292&dimension2=2ADGg_l4X&gt_ms=665&pv_id=9UJIvl
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Dorval, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 / PHP/7.4.16
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.4.16
content-length: 43
content-type: image/gif

GET
H2 200 1636486010_covid.jpeg
assets.grooveapps.com/images/5f61328a754dea0077d84f79/ 1 MB
1 MB 399ms
399ms Image
image/jpeg 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f61328a754dea0077d84f79/1636486010_covid.jpeg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f689fc1829b9fe632712c5bd0dc2e12a1b99536dbd866166970cf893ecb92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://convenientcovidtesting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cf-cache-status: EXPIRED
x-guploader-uploadid: ADPycdtCVw2HH3Ps-xvIHgOby1EyCKQrDI9zhSyVWry_6EUR7evmfaBjoGmwMY9Wmqb1Ed5MIWAglGw_O6OONjAkUrIQLAr2kQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 1331556
last-modified: Tue, 09 Nov 2021 19:26:50 GMT
server: cloudflare
etag: "4598dca85a49e8792068bc937982926f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=DLmzfQ==, md5=RZjcqFpJ6HkgaLyTeYKSbw==
x-goog-generation: 1636486010668040
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1331556
accept-ranges: bytes
cf-ray: 6ac7ff3c7935062d-FRA
expires: Thu, 11 Nov 2021 17:51:44 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 6AD7 39 KB
9 KB 60ms
40ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 667598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-9c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDpsyShYl6TTl6zVmpJ0FSFhPhf86JHnseESI6Z1w2hxTBDBm9zP0q8P69VyRk2gRU%2BHJWrym41pObebKEEW024HGWsRgHpn2N3cg1DMbTBVjrrInlOdB42YhE6%2FPwNNUYq76%2B11Qjx136FV5SF728eS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac7ff3dedf74aa4-FRA
expires: Tue, 01 Nov 2022 13:51:44 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 6AD7 470 KB
106 KB 44ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 232421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-757c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0e6tc5XL1JIHfUq9jW17WvI3RPclfW1Z2SxVgQRenWzWdrAxfP8f0cc9U1EEr0SX94sQXptCrUrRiPO2ZyZpOL%2BWI%2F%2Bk%2FR%2BM4vVnloGmwgYN8JLa%2BO1AGnybsKyWtqdCDyoLeEqUkpEZflfA%2BEStkS2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac7ff3dedfa4aa4-FRA
expires: Tue, 01 Nov 2022 13:51:44 GMT

GET
H2 200 videojs-ie8.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 6AD7 19 KB
6 KB 58ms
39ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3066168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5911
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401e-4a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh9P8eE5lrYgIAMKfmu29ufghbBa7f1o61Z1aBerZKoC5VUifobjWUlesZIBMAVcUYRdmL%2FmBVn7Vb6UnGwZb%2BXsOIvkAvYciSRdJSa1mitpf6eHwLhfZlKqC6A17y2Ycr9VYVN%2FrYQ4op7yOq5Nv5pQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac7ff3dedfb4aa4-FRA
expires: Tue, 01 Nov 2022 13:51:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6AD7 12 KB
886 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 13:48:31 GMT
server: ESF
date: Thu, 11 Nov 2021 13:51:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 13:51:44 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 6AD7 70 KB
4 KB 57ms
38ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 235035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BA%2FRuC3ddB9Q3DYlMyjZlfCKucDhuxuEwfNABMGlQ9dNekdm3b%2FIQOcJGbyPXxOaUTu6LJIMEICgh8EQOiuX36zvCFgCMTWpQf1QLKszfYO17K%2Fo5%2BZV7VwOzB2KRKOUTZNIkjlQZHkJUmyNk%2F60onP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac7ff3dedf94aa4-FRA
expires: Tue, 01 Nov 2022 13:51:44 GMT

GET
H2 200 app.c4c12659.css
app.groove.cm/groovevideo/css/ Frame 6AD7 43 KB
8 KB 15ms
13ms Stylesheet
text/css 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/app.c4c12659.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b027e629ed2a2d5badd8fe1a36af323a9f23bd86842cc75147014794a53d077b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:37:13 GMT
server: cloudflare
age: 6108
etag: W/"618ce449-ac09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvkIwmDGzygCxCO06AzxnVmtpBbzVmzMXhhvKbi8KMdfzp1t5tOPlVtdzHQjTIxJ39o1apMpCJgThd4weo%2BDegI3HJH9Awrd%2Fzr22HkAQ1iiFFpuBjdp8CdQzlZeD1QIqbhM8wisJK%2BM%2B98A"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff3dc8605bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame 6AD7 2 MB
210 KB 39ms
38ms Stylesheet
text/css 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691b584f0ed8697c3d836e8a07d39d2e96183db76a72e0e971be392c1ca00659

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:37:13 GMT
server: cloudflare
age: 6108
etag: W/"618ce449-1e274a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qapZFAw7nFTqBixer16OtM%2F2Ddy8IErwoaC8Qu651%2B7N49aXQmSRfCmvtxKpIiFbAz751zlgVRctdm4Ap9gjRonavx5fo6%2BLpz1qwuw1m5nIr%2BSUedEwW5Ho7bvpJKBa%2FenUzlpxobLmr6Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff3dc8625bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.d269c6a7.js Show response
app.groove.cm/groovevideo/js/ Frame 6AD7 1 MB
252 KB 25ms
25ms Script
application/javascript 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/app.d269c6a7.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb02acd0cc3fa040084e21ac5247a39793c2575956beea38ffed6f23bcace75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:37:13 GMT
server: cloudflare
age: 5945
etag: W/"618ce449-15565c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WShSMBCN0ji4Lnt2U6VTT9iznb8nSdg0sIDojCyD6t%2FzuiYQUI%2BOmyEvtkeDMuZSkbtd5Tj823KfLtmEDwrrPpSeq4%2BjZ73Sf9e%2FHIAkEDxvEIC4TE0oYWGdzMzprLQ%2F4%2BVQ6091ekStyJH2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff3dc8635bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.f3ad11b4.js Show response
app.groove.cm/groovevideo/js/ Frame 6AD7 7 MB
2 MB 47ms
47ms Script
application/javascript 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f3ad11b4.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddce9aec542cb50c6c028e5cc4b95b296382f646a41d01c4db08d8e61b5cdb5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 09:37:13 GMT
server: cloudflare
age: 5945
etag: W/"618ce449-6bec7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyEeB69QDUd44VPr8nkRc3zcIJ%2FvnW0ktHMM4dS4ABVPw5Y%2F1GJJBE3%2B4AuvWyuh3UkHUuTifYAyzXmy0WAnL3XdoLFP0X9JrI%2F86stDIxTyysU4cV0jbZOX%2FsPWvcsu8asIhacZNrEzgRbY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff3dc8645bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 widget.min.js Show response
cdn.productstash.io/js/ Frame 6AD7 23 KB
6 KB 76ms
8ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.productstash.io/js/widget.min.js?v=0.8

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 09/06/2021 12:25:53
cdn-pullzone: 173232
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: bdd7f2b84a3a25cb239384bca742b796
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 6AD7 197 KB
69 KB 71ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1b2e7758b54a276222a25cf3bcdf020d9f7e76eab53f827f21fc2125a202e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69721
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 13:51:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6AD7 713 KB
137 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3269946a9744042e1466aca934fac6d44c1b567fd420d348ef256d69ccdec4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 13:51:44 GMT
server: ESF
date: Thu, 11 Nov 2021 13:51:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 13:51:44 GMT

GET
BLOB 200
OK 3810964e-c32e-4f5e-b74f-83dc532dddab
https://app.groove.cm/ Frame 6AD7 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/3810964e-c32e-4f5e-b74f-83dc532dddab
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content ping
api.loopedin.io/v1/users/ Frame 0
0 152ms
31ms Preflight 54.216.252.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-252-255.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control: off
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type,Authorization
Content-Length: 0
Date: Thu, 11 Nov 2021 13:51:45 GMT
Via: 1.1 vegur

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 6AD7 980 B
1 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f3ad11b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f30e248083e0d6b10aaca731f91410b61b998dca9eea554cac95abb6873b2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Thu, 11 Nov 2021 13:51:44 GMT

GET
H/1.1 200
OK matomo.js Show response
matomo.groovetech.io/ Frame 6AD7 100 KB
32 KB 106ms
105ms Script
application/javascript 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f3ad11b4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Dorval, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 /
Resource Hash: 68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 21:11:02 GMT
server: nginx/1.19.2
etag: "19167-5aafa0f820d0f-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 32444

GET
BLOB 200
OK 715998cd-92b1-4aa9-9e90-715913b98345 Show response
https://app.groove.cm/ Frame 6AD7 98 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/715998cd-92b1-4aa9-9e90-715913b98345
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f3ad11b4.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae62be59e72fc8918db6854ca141e3d5544285d740994d22cb19d8ce8295591b

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 98
Content-Type: text/javascript

POST
H/1.1 200
OK ping Show response
api.loopedin.io/v1/users/ Frame 6AD7 3 B
1 KB 31ms
31ms Fetch
application/json 54.216.252.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-252-255.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Thu, 11 Nov 2021 13:51:45 GMT
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 48
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1636638728
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK app-config Show response
api.loopedin.io/ Frame 6AD7 525 B
2 KB 154ms
34ms XHR
application/json 54.216.252.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.216.252.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-252-255.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

3b2637396d82d107eb6abc3d9d649285bce741ce698f11b39de77df91a08ff9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Thu, 11 Nov 2021 13:51:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 525
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Etag: W/"20d-tgqCsIwyLXaYkhY93xmwnlfTyzg"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 49
Access-Control-Allow-Methods: GET
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1636638728
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H2 200 notification.png
cdn.productstash.io/images/ Frame 6AD7 1 KB
2 KB 7ms
7ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productstash.io/images/notification.png

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 08/11/2021 08:30:54
cdn-pullzone: 173232
content-length: 1156
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: 7775f8f10f3598068e28849e31a269c8
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 config.js Show response
app.groove.cm/config/ Frame 6AD7 324 B
516 B 16ms
15ms Script
application/javascript 2606:4700:3035::6815:856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/config/config.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 10:01:54 GMT
server: cloudflare
age: 5944
etag: W/"618cea12-144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbPZmaVBKi9R7SMpQPwqbx6mIrepbPT1Tb%2FULOBpWtowk3mReshwdkA%2BMXL7q5JFEJC2Yxlr%2B4pcoPbTYqiqo4obwiIVGnlKrcXjF9srJtiIuyoiiu6d%2B%2BBrRqkWMK0rsHamQvo5S7JoFVp%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7ff431e625bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6AD7 163 KB
60 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dd8234b674830731a4ca44026b13e3f61142b8dc1902f95ccd273eeba9ac433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61676
x-xss-protection: 0
expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6AD7 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6639
date: Thu, 11 Nov 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 14:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 6AD7 37 KB
15 KB 57ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1b5f1cf2147c10f37ac1e6a14635b8fcda9a5569e2492152a08ed6fe781d6db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14366
x-xss-protection: 0
server: cafe
etag: 5620846958848637340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 6AD7 15 KB
6 KB 34ms
8ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 11 Nov 2021 13:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1813
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: mlsSLz9Rk3nONJbaIwYXxoOHcK+uToL91R0ElFaMipoyHrXPEVEhIcjvuRmTBPfYsi3qncjrITA=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: PA1X9Q2W1QWGE04D
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 6AD7 35 KB
10 KB 50ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE787C6062E94A3796B7485BADF9E4E7 Ref B: FRAEDGE1313 Ref C: 2021-11-11T13:51:45Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 6AD7 41 KB
14 KB 61ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Nov 2021 13:51:45 GMT

GET
H2 200 universal-script Show response
175592.tracking.hyros.com/v1/lst/ Frame 6AD7 17 KB
17 KB 371ms
180ms Script
text/plain 52.70.96.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-96-75.compute-1.amazonaws.com
Software: Jetty(9.4.41.v20210516) /
Resource Hash: eb08dce982f6718896f23beb41f4ee5c6b8b63dc416516bbb6d734e3e9875f09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
access-control-allow-credentials: true
server: Jetty(9.4.41.v20210516)
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/ea6a4ba6/www-widgetapi.vflset/ Frame 6AD7 143 KB
47 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c377f7fc3f9ad6b80bfc97f627aebb748040badefcba03f74be1a996559b53fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 09:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47372
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Nov 2022 09:15:35 GMT

OPTIONS
H2 204 fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 0
0 398ms
379ms Preflight
text/html 2606:4700:3034::ac43:d90a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=Rgr1W1YifRD09SkEhiiG&id=74638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-auth-provider
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.24
cache-control: no-cache, private
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKa%2Bw2%2BXG%2FdKB8SYKjD0w%2FS9Vcso%2FIZ9M0BvQMssPwwvWg83ZHJL2K143znU4DiFICcSH5kwa7FMgy96u%2Bv%2BrB%2BLEnNjpFQ01WeDced9axczA1X5%2F4pwI1FBs1MzIUjtyLHE3w7XxHJCxPpi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac7ff437f1f697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fetch-with-permalink Show response
v1.gdapis.com/api/groovevideo/ Frame 6AD7 2 KB
1 KB 237ms
237ms XHR
application/json 2606:4700:3034::ac43:d90a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=Rgr1W1YifRD09SkEhiiG&id=74638
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f3ad11b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: fd334905204cb6621838b7b073ded9a9027c470a5b509061b1113391ba725cbc

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
x-auth-provider: auth0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0U29SQFk7n9H2UPKGsRI%2FRFu3IHBzZtEPEj%2BCBEWM9xh%2FaRMcTNQp2XoCCFFtU7tGxCQGMMzy7cwAB2h9HQWcNRfW%2FV4QEglzHRdNCN%2FPrVN0b8yHWiRonIDwna1GJBVvcX4uAkVm%2BOPC0B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6ac7ff45dd24697b-FRA

GET
H2 200 10139345.json Show response
s.yimg.com/wi/config/ Frame 6AD7 2 B
450 B 27ms
13ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10139345.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:09:18 GMT
x-content-type-options: nosniff
age: 2547
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: SCYYSP638ZM10HZ5
x-amz-id-2: 2cTDsx0KLFBg2bwJIpShJBCKWdzc70jo9oIi6mevW8NMRCXzGz6LnMHouDF3azjDZK6yjxPLpv0=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 204 17533112.js Show response
bat.bing.com/p/action/ Frame 6AD7 0
93 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17533112.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Nov 2021 13:51:44 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1A3DC357D2E64636A8693138DDCCA5DA Ref B: FRAEDGE1313 Ref C: 2021-11-11T13:51:45Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 6AD7 0
150 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=29b4f92f-9883-4aff-8421-a690fa136793&sid=8201ee7042f611ecbdd9812cbd3e4270&vid=8202154042f611ecbfbadb5aecbcbec4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fconvenientcovidtesting.com%2F&r=&lt=996&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=955923
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 253A9D5BA1694ECFBC6B32C51FA586AC Ref B: FRAEDGE1313 Ref C: 2021-11-11T13:51:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 6AD7 2 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1636638705226&cv=9&fst=1636638705226&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb80&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&ref=https%3A%2F%2Fconvenientcovidtesting.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c6ef17000c96dc306507a6f2c1ea03d6607a8b322159be0939ef7278e98ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ Frame 6AD7 43 B
964 B 115ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2011%20Nov%202021%2013%3A51%3A45%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&e=https%3A%2F%2Fconvenientcovidtesting.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 949E 11 KB
5 KB 51ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=convenientcovidtesting.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2187
date: Thu, 11 Nov 2021 13:51:45 GMT
content-length: 4683

GET
H/1.1 200
OK matomo.php
matomo.groovetech.io/ Frame 6AD7 43 B
217 B 149ms
149ms Image
image/gif 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=411370&h=13&m=51&s=45&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&urlref=https%3A%2F%2Fconvenientcovidtesting.com%2F&_id=e2dcbb8efa45a82c&_idts=1636638705&_idvc=1&_idn=1&_refts=1636638705&_viewts=1636638705&_ref=https%3A%2F%2Fconvenientcovidtesting.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=210&pv_id=rQF0X1
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Dorval, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 / PHP/7.4.24
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.4.24
content-length: 43
content-type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/646915355/ Frame 6AD7 42 B
548 B 44ms
23ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/646915355/?random=1636638705226&cv=9&fst=1636635600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb80&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&ref=https%3A%2F%2Fconvenientcovidtesting.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=1104417467&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/646915355/ Frame 6AD7 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/646915355/?random=1636638705226&cv=9&fst=1636635600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb80&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&ref=https%3A%2F%2Fconvenientcovidtesting.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=1104417467&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 949E
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=convenientcovidtesting.com&lsw=1
https://mug.criteo.com/sid?cpp=kmYhoXxVRk5oSElQTzltWWFLNnhZMU4zR2hIalhMOGNCTmQ0NXNLOGJRY0NJZXZyRm9tRmtYSExsZzEwSGMyYTVDNmMvR2ErQXFtSUFTS1FHKzQvUUNOeUpUVXpGRXpDb3B3MFNWeUcrbHB6d2UrVjlMN0c5SERHckNVZ2...

452 B
643 B

50ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kmYhoXxVRk5oSElQTzltWWFLNnhZMU4zR2hIalhMOGNCTmQ0NXNLOGJRY0NJZXZyRm9tRmtYSExsZzEwSGMyYTVDNmMvR2ErQXFtSUFTS1FHKzQvUUNOeUpUVXpGRXpDb3B3MFNWeUcrbHB6d2UrVjlMN0c5SERHckNVZ25lejNXb0M5OVEzdTB1eXBSYUp5aG5OWVQzcFdmRlR3WWNXc1BCdExpSmlwaGd6dWVteDBndlFudXQ4S3RWZ1ZveEFEN0RGa2hQeW1lUlhGNGsvT0FNTDlZY3JrUVY5eENlcUpOWVNmVmpqRkMzRFdFLzQwLzJEdTNqcnd4a3NHdTNBeVFzbjhkc0gxZDg4bm9UaVhyT2JHeHRuVTVEdlJteGlDbnZTWjl3YVhBbVphbGhVVWVBOUJ3a2UwVFRQNnAyY1Q1RklORnw&cppv=2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

16ed6294724b36589b2b3b583bb96786509a0fbd1e1d3226e88366082a10b109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Nov 2021 13:51:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2262
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=kmYhoXxVRk5oSElQTzltWWFLNnhZMU4zR2hIalhMOGNCTmQ0NXNLOGJRY0NJZXZyRm9tRmtYSExsZzEwSGMyYTVDNmMvR2ErQXFtSUFTS1FHKzQvUUNOeUpUVXpGRXpDb3B3MFNWeUcrbHB6d2UrVjlMN0c5SERHckNVZ25lejNXb0M5OVEzdTB1eXBSYUp5aG5OWVQzcFdmRlR3WWNXc1BCdExpSmlwaGd6dWVteDBndlFudXQ4S3RWZ1ZveEFEN0RGa2hQeW1lUlhGNGsvT0FNTDlZY3JrUVY5eENlcUpOWVNmVmpqRkMzRFdFLzQwLzJEdTNqcnd4a3NHdTNBeVFzbjhkc0gxZDg4bm9UaVhyT2JHeHRuVTVEdlJteGlDbnZTWjl3YVhBbVphbGhVVWVBOUJ3a2UwVFRQNnAyY1Q1RklORnw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2378
content-length: 594
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/ Frame 6AD7
Redirect Chain

https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwam...
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwam...

7 KB
8 KB

295ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwamxjSUZxdTROUHk4YWpuNlJ3amR1Z0w1ZiUyRm9uWW1JOFE5bmVMbEJlR0lmSiUyQjN0cEppRWJyd0xaTk82M2FKdzRHNXFSaUx4bUdkdEpGT29xaWFhdVllYU9EV0djOXBQdTRRaTdzSjZNZVhxUVJqNUFnbkhFYml0MFFGZ25XQW9WMWJxZnNjcGV2cWRmV0klMkJDQjdQanA5amp4OVh5NjN6cDJTQTglM0Q&tld=app.groove.cm&dtycbr=98512
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a0f3abdfab94bd1921a2291f078e4c1104fe3ab190da1c3a7b2603fd5ae7f4e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17347969
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fconvenientcovidtesting.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=-fraW19rTGVkNVlwamxjSUZxdTROUHk4YWpuNlJ3amR1Z0w1ZiUyRm9uWW1JOFE5bmVMbEJlR0lmSiUyQjN0cEppRWJyd0xaTk82M2FKdzRHNXFSaUx4bUdkdEpGT29xaWFhdVllYU9EV0djOXBQdTRRaTdzSjZNZVhxUVJqNUFnbkhFYml0MFFGZ25XQW9WMWJxZnNjcGV2cWRmV0klMkJDQjdQanA5amp4OVh5NjN6cDJTQTglM0Q&tld=app.groove.cm&dtycbr=98512
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3553853
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 gusid Show response
175592.tracking.hyros.com/v1/lst/ Frame 6AD7 0
524 B 102ms
102ms XHR
text/plain 52.70.96.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by: Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-96-75.compute-1.amazonaws.com
Software: Jetty(9.4.41.v20210516) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
Product-ID: 175592

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
session-id: HB-ET_e67bfb3ca90d9cd0d02806b8bc55f35ea6d6774ad421e302655d58b22b1f0f19
etag: HB-ET_e67bfb3ca90d9cd0d02806b8bc55f35ea6d6774ad421e302655d58b22b1f0f19
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://app.groove.cm
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0
server: Jetty(9.4.41.v20210516)

OPTIONS
H2 200 gusid
175592.tracking.hyros.com/v1/lst/ Frame 0
0 306ms
103ms Preflight
application/vnd.sun.wadl+xml 52.70.96.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-96-75.compute-1.amazonaws.com
Software: Jetty(9.4.41.v20210516) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: product-id
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 1557
access-control-allow-origin: https://app.groove.cm
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: product-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Thu, 11 Nov 2021 13:51:45 UTC
server: Jetty(9.4.41.v20210516)

GET
H2 200 / Show response
beacon-v2.helpscout.net/ Frame 6AD7 293 B
629 B 34ms
7ms Script
application/javascript 13.32.99.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/74638/Rgr1W1YifRD09SkEhiiG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 100e1afeeaa53b7f7312069b76f1c3c3609b20c9663a2527cf8b55b2fb3f0ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 13:54:08 GMT
server: AmazonS3
age: 18
etag: "96bde67547afba204a4e7ec364d700a1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5b6e22c950501920595c86fc25834583.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=120, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 243
x-amz-cf-id: ezLGU__PPaIqzCQt2HYnWGYP9Io7PlWRjNCr7v7x4fpwrkNmxgQimw==

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame FF1C
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=4LtEPljpawjcl6rP8J47xfGhYh9oI344

42 B
417 B

41ms
13ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=4LtEPljpawjcl6rP8J47xfGhYh9oI344
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 13:51:45 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=4LtEPljpawjcl6rP8J47xfGhYh9oI344
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2394
date: Thu, 11 Nov 2021 13:51:45 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FF1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1TYW5lcmZkdjVQSEFxekg5a0RMdU0yNUJGaGhBelIwZlFrLXNHUQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

24ms
13ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 232859
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame FF1C
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom=&tag_format=img&tag_action=sync&custom=&cb=0fb14a14-dc2d-4ec7-9580-f88aa36...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0fb14a14-dc2d-4ec...

0
638 B

31ms
31ms

Image
text/plain

34.255.68.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0fb14a14-dc2d-4ec7-9580-f88aa3626764&final=true&reqid=82638130-42f6-11ec-81b6-8b84d996e1bf&timestamp=2021-11-11T13%3A51%3A45.860Z
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Server: 34.255.68.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0fb14a14-dc2d-4ec7-9580-f88aa3626764&final=true&reqid=82638130-42f6-11ec-81b6-8b84d996e1bf&timestamp=2021-11-11T13%3A51%3A45.860Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
cm.mgid.com/ Frame FF1C 43 B
813 B 101ms
73ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617660&c=k-Sanerfdv5PHAqzH9kDLuM25BFhhAzR0fQk-sGQ
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ac7ff470bfb5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 v1
ads.yahoo.com/cms/ Frame FF1C 0
300 B 10ms
7ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame FF1C 43 B
964 B 37ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame FF1C 0
482 B 41ms
10ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-6fviLfdv5PHAqzH9kDLuM25BFhgnpjMMwuFKwg

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame FF1C 0
476 B 364ms
88ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-9e68kPdv5PHAqzH9kDLuM25BFhhU_eghZw3A7Q
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:46 GMT
Cache-Control: no-cache
X-TraceId: b1abe810ed846a0b892c191942040cae
Content-Length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame FF1C
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A%26seg%3D95287

43 B
1 KB

16ms
16ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A%26seg%3D95287

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ca00c16d-8178-4116-8db5-ba60466dbd4c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b0ee78b0-58c4-4c2a-920f-507412e408dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame FF1C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5

43 B
495 B

16ms
16ms

Image
image/gif

3.124.225.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Server: 3.124.225.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-225-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mJBxPfdv5PHAqzH9kDLuM25BFhh2XhtY60bo9A&expires=30&user_group=5
Date: Thu, 11 Nov 2021 13:51:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame FF1C 0
427 B 226ms
179ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-uEwLkPdv5PHAqzH9kDLuM25BFhhwdMlWGVF1cg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame FF1C 0
239 B 39ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uEwLkPdv5PHAqzH9kDLuM25BFhhwdMlWGVF1cg&expires=30
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FF1C 42 B
681 B 57ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-khnJWvdv5PHAqzH9kDLuM25BFhjwylNF7jKW_A
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:44 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:431
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame FF1C
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-tSzmJvdv5PHAqzH9kDLuM25BFhjsIIxxsZoStw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame FF1C
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ&C=1

43 B
1 KB

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ&C=1
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 13:51:45 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame FF1C 45 B
785 B 63ms
39ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-QvQdKvdv5PHAqzH9kDLuM25BFhgvs4NmeEaXhg

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 11 Nov 2021 13:51:45 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame FF1C 23 B
172 B 93ms
53ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3Qpnefdv5PHAqzH9kDLuM25BFhg-RVvNcmymag
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Nov 2021 13:51:45 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame FF1C 35 B
336 B 111ms
38ms Image
image/gif 54.246.6.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ZAjRRfdv5PHAqzH9kDLuM25BFhiF-2krk9Wgxg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.6.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-6-154.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame FF1C 68 B
262 B 34ms
7ms Image
image/png 54.93.151.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-cp4_nfdv5PHAqzH9kDLuM25BFhjT9tQqjwpITg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.151.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-151-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame FF1C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg

43 B
448 B

32ms
32ms

Image
image/gif

54.72.237.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 54.72.237.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-237-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XTy0h_dv5PHAqzH9kDLuM25BFhhc021ChT5QJg
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FF1C 0
230 B 76ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-HywH0Pdv5PHAqzH9kDLuM25BFhjdJ-RhO4feJg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6960

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame FF1C
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg&_li_chk=true&previous_uuid=5db7e2525adb4a28880e586366cc2515
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg

43 B
447 B

312ms
101ms

Image
image/gif

2600:1f18:444a:4602:2c20:3113:5c28:1366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:46 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: a312acb513512a34
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JSqEKvdv5PHAqzH9kDLuM25BFhhWyAxEpzEzHg
Date: Thu, 11 Nov 2021 13:51:45 GMT
Connection: keep-alive
trace-id: cd664de580f46504
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame FF1C 43 B
163 B 410ms
127ms Image
image/gif 199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-OKhrtfdv5PHAqzH9kDLuM25BFhhSjgWRganGlA
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame FF1C 43 B
428 B 325ms
101ms Image
image/gif 54.173.185.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-p0v9rvdv5PHAqzH9kDLuM25BFhiJ4dNXxsWaNg
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-185-122.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:46 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame FF1C
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&apid=UP826fdd90-42f6-11ec-8d3e-02431aa5aea6

0
343 B

10ms
9ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&apid=UP826fdd90-42f6-11ec-8d3e-02431aa5aea6

Requested by

Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:45 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-8I3uGPdv5PHAqzH9kDLuM25BFhg3KloGsaI1Qw&_origin=1&apid=UP826fdd90-42f6-11ec-8d3e-02431aa5aea6
date: Thu, 11 Nov 2021 13:51:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame FF1C 43 B
183 B 285ms
90ms Image
image/gif 2600:1f18:612b:4232:542e:84b1:1361:c28e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-LNupRPdv5PHAqzH9kDLuM25BFhh6BOpvMuslpw
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame FF1C
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6kf-Jfdv5PHAqzH9kDLuM25BFhgPgJe9SG725Q&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

254ms
26ms

Image
image/gif

2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:46 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1636638706.dop022.ml1.t,1636638706.cds034.ml1.shn,1636638706.cds034.ml1.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1636638705872047-546
Expires: Thu, 11 Nov 2021 13:51:45 GMT

GET
H2 200 vendor.61535ce4.js Show response
beacon-v2.helpscout.net/static/js/ Frame 6AD7 701 KB
196 KB 9ms
9ms Script
application/javascript 13.32.99.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.61535ce4.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2272aa9b00d8075c53f4a1dd758a89b5529e13ac8cf3998cfea368d111647074

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:13:21 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 13:54:08 GMT
server: AmazonS3
age: 2305
etag: "af4a3896ce7200d19c698123cb812429"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5b6e22c950501920595c86fc25834583.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 199652
x-amz-cf-id: zPnoKp1UVpJHk7lmo2reqed1VxPZEcyNG3a9E57ev-JMZtPWO0V-wQ==

GET
H2 200 main.4ac9f4e1.js Show response
beacon-v2.helpscout.net/static/js/ Frame 6AD7 256 KB
64 KB 25ms
25ms Script
application/javascript 13.32.99.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.4ac9f4e1.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad775b8ae98460566602de42d96ff7ca4690406d9f01f7d200cf186b6a43e941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 12:03:28 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 13:54:08 GMT
server: AmazonS3
age: 6498
etag: "d24ed15ee8fb98b4082ad226deba059c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5b6e22c950501920595c86fc25834583.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 65333
x-amz-cf-id: LpJ5QMMep_jxOclJHeZcnjfUjgXf7k4zrGrAF4cWct5zeSLS67SWPw==

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame FF1C 43 B
220 B 12ms
11ms Image
image/gif 3.124.225.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xex0Mvdv5PHAqzH9kDLuM25BFhiRF_mVbE8EJA&expires=30&user_group=5
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.225.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-225-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 13:51:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 6AD7 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FF1C
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1073911879336673956

43 B
342 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1073911879336673956
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1856895
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 13:51:45 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fa74641d-72ee-4010-a992-e36f3edc84a5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1073911879336673956
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame FF1C
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/eGummWCr0uicyrfHzoScUNy01UYE0nXr/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2887159548728553375

43 B
342 B

15ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2887159548728553375
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2067529
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2887159548728553375
pragma: no-cache
date: Thu, 11 Nov 2021 13:51:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 206 groovevideo-7ce970f939e436d8980cc4724aa10dd3.mp4
videos.groovevideo.com/5f61328a754dea0077d84f79/ Frame 6AD7 151 KB
0 535ms
506ms Media
video/mp4 2600:9000:223d:8a00:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.groovevideo.com/5f61328a754dea0077d84f79/groovevideo-7ce970f939e436d8980cc4724aa10dd3.mp4
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8a00:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.groove.cm/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 11 Nov 2021 13:51:47 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 22:01:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "67ac8afcc482a14908a2b1f6bf0dccf4"
x-cache: Miss from cloudfront
content-type: video/mp4
Content-Range: bytes 0-13517320/13517321
accept-ranges: bytes
Content-Length: 13517321
x-amz-cf-id: ShBmCTAMItvjNXbMq8g6Qc9tE5oOyoN7-M0O1z726nG5Una7GwBBoQ==

OPTIONS
H2 200 pc
175592.tracking.hyros.com/v1/lst/ Frame 0
0 103ms
103ms Preflight
application/vnd.sun.wadl+xml 52.70.96.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fconvenientcovidtesting.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-96-75.compute-1.amazonaws.com
Software: Jetty(9.4.41.v20210516) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 11 Nov 2021 13:51:46 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 2985
access-control-allow-origin: https://app.groove.cm
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Thu, 11 Nov 2021 13:51:46 UTC
server: Jetty(9.4.41.v20210516)

GET
H2 200 pc Show response
175592.tracking.hyros.com/v1/lst/ Frame 6AD7 117 B
392 B 103ms
103ms XHR
application/json 52.70.96.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fconvenientcovidtesting.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36
Requested by: Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-96-75.compute-1.amazonaws.com
Software: Jetty(9.4.41.v20210516) /
Resource Hash: 8d7c23b4bddae332e666268f291cd53e252f17a9381b6b5259838049a361c1b7

Request headers

Session-ID: HB-ET_e67bfb3ca90d9cd0d02806b8bc55f35ea6d6774ad421e302655d58b22b1f0f19
Product-ID: 175592
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
Access-Control-Allow-Headers: *

Response headers

date: Thu, 11 Nov 2021 13:51:46 GMT
server: Jetty(9.4.41.v20210516)
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.groove.cm
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 117

GET
H/1.1 200
OK matomo.php
matomo.groovetech.io/ Frame 6AD7 43 B
217 B 134ms
133ms Image
image/gif 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=999115&h=13&m=51&s=45&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F74638%2FRgr1W1YifRD09SkEhiiG&urlref=https%3A%2F%2Fconvenientcovidtesting.com%2F&_id=d903f06581f0c9ca&_idts=1636638706&_idvc=1&_idn=1&_refts=1636638706&_viewts=1636638706&_ref=https%3A%2F%2Fconvenientcovidtesting.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=210&pv_id=DenMMM
Requested by: Host: convenientcovidtesting.com
URL: https://convenientcovidtesting.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Dorval, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 / PHP/7.4.16
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:51:46 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.4.16
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-19 23:20:30	Name: _li_ss Value: MgkI_____wcQ7BA
convenientcovidtesting.com/	1970-01-20 08:03:13	Name: _pk_id.4.720d Value: bc898f3c00356e78.1636638704.1.1636638704.1636638704.
convenientcovidtesting.com/	1970-01-19 22:37:20	Name: _pk_ses.4.720d Value: 1
convenientcovidtesting.com/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: B0-mgykzxwk
.youtube.com/	1970-01-20 02:56:30	Name: VISITOR_INFO1_LIVE Value: 6cJZZl7yiXw
.bing.com/	1970-01-20 07:58:54	Name: MUID Value: 280EF73175BD6FB804B2E7DD746F6ED7
.criteo.com/	1970-01-20 07:58:54	Name: uid Value: a7850091-d8b2-48df-81c3-8f87597e6b25
.doubleclick.net/	1970-01-20 07:58:54	Name: IDE Value: AHWqTUm727GrJZaut4tHRf1fcTi9c12V8SSZb-o4F7bAvbFfEvEAeyiqss02BoLcCqg
.yahoo.com/	1970-01-20 07:23:16	Name: A3 Value: d=AQABBPEfjWECEElIl9S30u4b3Rx1VHpwaMgFEgEBAQFxjmGXYQAAAAAA_eMAAA&S=AQAAAv43bdQ859He279LWSyzzP0
.bidswitch.net/	1970-01-20 07:22:54	Name: tuuid Value: 62a4fced-a588-4266-acb7-b9c170c1f85c
.bidswitch.net/	1970-01-20 07:22:54	Name: c Value: 1636638705
.bidswitch.net/	1970-01-20 07:22:54	Name: tuuid_lu Value: 1636638705
.adnxs.com/	1970-01-20 00:46:54	Name: uuid2 Value: 1073911879336673956
.3lift.com/	1970-01-20 00:46:54	Name: tluid Value: 10185970188127535124
.adnxs.com/	1970-01-20 00:46:54	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In9x/1f[!]tbPl@/D!9hy6]/Cr.^gKh`12_%_Ncw-Jbg29!meQd8?fSN@e/NytVYIs>6.A_6w??lP92Rrsd%nugO%v4VB%nrzf+f.3%
.rlcdn.com/	1970-01-20 07:22:54	Name: rlas3 Value: 6xTzuYifilzJFm3JwUntsZ1g4wN02JEZo+TXX6rkoO4=
.rlcdn.com/	1970-01-20 00:03:42	Name: pxrc Value: CAA=
.casalemedia.com/	1970-01-20 07:22:54	Name: CMID Value: YY0f8RPyPPGjH3Uyb4ArmQAA
.casalemedia.com/	1970-01-20 00:46:54	Name: CMPS Value: 3165
.pubmatic.com/	1970-01-19 23:20:30	Name: KRTBCOOKIE_97 Value: 3385-uid:k-khnJWvdv5PHAqzH9kDLuM25BFhjwylNF7jKW_A&KRTB&23286-uid:k-khnJWvdv5PHAqzH9kDLuM25BFhjwylNF7jKW_A&KRTB&23287-uid:k-khnJWvdv5PHAqzH9kDLuM25BFhjwylNF7jKW_A&KRTB&23288-uid:k-khnJWvdv5PHAqzH9kDLuM25BFhjwylNF7jKW_A
.pubmatic.com/	1970-01-19 23:20:30	Name: PugT Value: 1636638704
.pubmatic.com/	1970-01-20 00:46:54	Name: PUBMDCID Value: 3
cm.mgid.com/	1970-01-19 23:20:30	Name: mg_sync Value: {"617660":1636638705}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: labJRr_fNgP5
.mgid.com/	1970-01-19 22:37:20	Name: __cf_bm Value: XXYhDDHlwW7m_COCrcepj2ue5D5SsCU82RTPsS72oUw-1636638705-0-AflUTpNRywmRp6kBNQACejIpKyOtvQcolg1ECCiK5IKSGXyw3WMFGw+hspjuZyHiTV4/3gMX7JGuDFZjAUIZl1Y=
.media.net/	1970-01-20 07:22:54	Name: visitor-id Value: 2796403059868335000V10
.media.net/	1970-01-19 23:20:30	Name: data-c-ts Value: 1636638705
.media.net/	1970-01-19 23:20:30	Name: data-c Value: k-QvQdKvdv5PHAqzH9kDLuM25BFhgvs4NmeEaXhg~~3
.sharethrough.com/	1970-01-20 07:22:54	Name: stx_user_id Value: 52e18a6d-9378-4432-aaaa-4cc1cad68274
.casalemedia.com/	1970-01-20 00:46:54	Name: CMPRO Value: 1210
.casalemedia.com/	1970-01-19 22:38:45	Name: CMST Value: YY0f8WGNH-EA
.casalemedia.com/	1970-01-20 07:22:54	Name: CMRUM3 Value: 14618d1ff12760k-VE_fV_dv5PHAqzH9kDLuM25BFhiUCkaSTN-OqQ
.mediawallahscript.com/	1970-01-20 16:08:30	Name: mCookie Value: 82694d90-42f6-11ec-9148-39db6d65bb9b
.mediawallahscript.com/	1970-01-20 16:08:30	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
175592.tracking.hyros.com/	1970-01-24 13:43:58	Name: __mh_tt_s Value: HB-ET_e67bfb3ca90d9cd0d02806b8bc55f35ea6d6774ad421e302655d58b22b1f0f19
.revcontent.com/	1970-02-07 04:37:18	Name: __ID Value: f9c2ccad0821403cab1ce48a6b49dd04
.revcontent.com/	1970-01-19 23:20:30	Name: v1_151 Value: 1
.advertising.com/	1970-01-20 07:24:21	Name: APID Value: UP826fdd90-42f6-11ec-8d3e-02431aa5aea6
.taboola.com/	1970-01-20 07:22:54	Name: t_gid Value: cfb0c032-b1bf-455b-90b3-4cb1731cc323-tuct886a571
.360yield.com/	1970-01-20 00:46:54	Name: tuuid Value: 131718ec-bc26-4f16-91f6-d25c33842204
.360yield.com/	1970-01-20 00:46:54	Name: tuuid_lu Value: 1636638705
.addthis.com/	1970-01-20 07:58:54	Name: ouid Value: 618d1ff100011b4f75f60963d2a189a09cfdb6455b7df817773c
.addthis.com/	1970-01-20 07:58:54	Name: uid Value: 618d1ff1952abec5
.addthis.com/	1970-01-20 07:58:54	Name: na_id Value: 2021111113514591000226486703
.analytics.yahoo.com/	1970-01-20 07:24:21	Name: IDSYNC Value: "18zh~21h1:1761~21h1"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP826fdd90-42f6-11ec-8d3e-02431aa5aea6
.yahoo.com/	1970-01-19 22:38:45	Name: APIDTS Value: 1636638705
ads.stickyadstv.com/	1970-01-19 23:20:30	Name: UID Value: cdd1d1e8ef96b8528a9aa1ab647351d
ads.stickyadstv.com/	1970-01-19 23:20:30	Name: uid-bp-11554 Value: k-6kf-Jfdv5PHAqzH9kDLuM25BFhgPgJe9SG725Q
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 10ffbabec944e65efcb1ce212fcf20
.360yield.com/	1970-01-20 00:46:54	Name: um Value: !38,SBZ.RoQ3xJ0fGLG-XC8eZbyc9eZzVuH2KF10rDL5U3dzY4vRLZXd082Aq9PhyTzSDnxR5tO.,1644414705
.360yield.com/	1970-01-20 00:46:54	Name: umeh Value: !38,0,1698846705,-1
.outbrain.com/	1970-01-20 00:46:54	Name: obuid Value: a2b21977-6b1b-4e57-b31b-2020e5b23b0c
.outbrain.com/	1970-01-19 23:20:30	Name: criteo Value: k-9e68kPdv5PHAqzH9kDLuM25BFhhU_eghZw3A7Q
.postrelease.com/	1970-01-20 07:22:54	Name: opt_out Value: 1
.turn.com/	1970-01-20 02:56:30	Name: uid Value: 2887159548728553375
.liadm.com/	1970-01-20 16:08:30	Name: lidid Value: 5db7e252-5adb-4a28-880e-586366cc2515

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://widget.groovevideo.com/widget/app.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175592.tracking.hyros.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
api.loopedin.io
app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
bat.bing.com
beacon-v2.helpscout.net
cdn.productstash.io
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
contextual.media.net
convenientcovidtesting.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
ka-f.fontawesome.com
kit.fontawesome.com
match.sharethrough.com
matomo.groovetech.io
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
v1.gdapis.com
videos.groovevideo.com
widget.groovevideo.com
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
104.111.242.245
104.19.135.78
104.75.88.126
13.32.99.103
141.226.228.48
142.250.181.226
172.217.16.130
178.250.2.146
178.250.2.151
18.156.0.31
18.184.201.8
185.33.220.216
185.64.189.110
199.187.193.166
2.18.234.21
2.18.234.233
2.18.235.93
2001:4de0:ac19::1:b:2b
212.82.100.181
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:1f18:612b:4232:542e:84b1:1361:c28e
2600:9000:223d:8a00:b:d801:7900:93a1
2606:4700:3030::6815:5183
2606:4700:3034::6815:4c1d
2606:4700:3034::ac43:d90a
2606:4700:3035::6815:856
2606:4700:3035::ac43:c0e6
2606:4700::6810:135e
2606:4700::6812:15b4
2606:4700::6812:1634
2620:112:f002:bbbb::23
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638::3
3.124.225.84
34.255.68.26
35.244.174.68
51.161.92.183
52.70.96.75
54.173.185.122
54.216.252.255
54.246.6.154
54.72.237.47
54.84.59.211
54.93.151.69
64.202.112.159
69.173.144.165
74.119.119.150
76.223.111.18
89.187.169.47
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
100e1afeeaa53b7f7312069b76f1c3c3609b20c9663a2527cf8b55b2fb3f0ab8
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
16ed6294724b36589b2b3b583bb96786509a0fbd1e1d3226e88366082a10b109
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
1b5f1cf2147c10f37ac1e6a14635b8fcda9a5569e2492152a08ed6fe781d6db2
2041224a92f528f370b91e355bc02659c0e6307a115536c616afd8ed2a69b3de
2272aa9b00d8075c53f4a1dd758a89b5529e13ac8cf3998cfea368d111647074
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2a1e8569f7f8c36c25ffec9a1cb61d3e3a36b7dcb05f8ac8a6b6e98afb141a90
3269946a9744042e1466aca934fac6d44c1b567fd420d348ef256d69ccdec4e8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b2637396d82d107eb6abc3d9d649285bce741ce698f11b39de77df91a08ff9e
3c8d2db88c6ff2f4cef6c0aca43b5913718cace7fbd0a6e65f017710fe8a5f32
3dd8234b674830731a4ca44026b13e3f61142b8dc1902f95ccd273eeba9ac433
3e1cd13d5ad970e3b342931c9149cd2fc8cb5e53f357891525a195cab691c859
3f30e248083e0d6b10aaca731f91410b61b998dca9eea554cac95abb6873b2e3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c6ef17000c96dc306507a6f2c1ea03d6607a8b322159be0939ef7278e98ff9
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f31893fe18b01638730252b67d5bc52d7b641bf803f409372e04ce909d28a
5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
610d206e9ade60d892a0e3c5cca5c97684ce6899f845da9e6c381ebe4a40cf6b
66addb120b9f9171f92fff1d98b858b08edb2a508f086ff6340e9c30fad6d720
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946
691b584f0ed8697c3d836e8a07d39d2e96183db76a72e0e971be392c1ca00659
6aa2d31e507c20a51d4bee8ab76aa86abf82ca9e7f4f7ee9cac4eff9e9111214
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
723bba2291d88812c496902bc36915788b8076220d0e2fe1f698eada782dac37
745feaeddbb7a1255116ee49493f811da2eac940ac5039c6b14b32e7a02df58a
7518a7a99a478dbdc3d20124309f0f5c0d4362a3049270b1914648bdc59f5339
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80ec2b4efde071dbe2439f80f707ca6428cc788978aab845a1f07f3a6fec4ff9
81ce956f96b82418416aeaca025b916cc64dfc2e9aa283efc11661185ea389bb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d7c23b4bddae332e666268f291cd53e252f17a9381b6b5259838049a361c1b7
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
9f5643b5129482fb1cabce7eba987433823148b450c5fcc7703647c55ca17edb
a007b806acfa601cf195a2f213f73e8f09c00a9570cbb84c817f9c3b9ccbfd7f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f3abdfab94bd1921a2291f078e4c1104fe3ab190da1c3a7b2603fd5ae7f4e3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a6e2332041c94375e83950471b387ea1dc291f2696c8842b65069f623901c514
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad775b8ae98460566602de42d96ff7ca4690406d9f01f7d200cf186b6a43e941
ae62be59e72fc8918db6854ca141e3d5544285d740994d22cb19d8ce8295591b
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afb02acd0cc3fa040084e21ac5247a39793c2575956beea38ffed6f23bcace75
b027e629ed2a2d5badd8fe1a36af323a9f23bd86842cc75147014794a53d077b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bae97d7481cbcc86896bb517565e034033a25ceed60cfe93096f3517ac124af2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061
c377f7fc3f9ad6b80bfc97f627aebb748040badefcba03f74be1a996559b53fd
c96dae7ce864f50fae8653e108c5f0a08d112f8521f7d16691ae400b346a643b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb7d8c1c852ef4bbe847a78f948b1d443bb32eeeb6430a943102dae10300b188
cde9bd71c581c978fab8309d26c38a4ae2e6ea65b9a9d2d5c3637bb4532dc880
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458
dbde4353cc29c010797e86b669a5f83ee4b61fd762078e29f94a08b5a020f2aa
ddce9aec542cb50c6c028e5cc4b95b296382f646a41d01c4db08d8e61b5cdb5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb08dce982f6718896f23beb41f4ee5c6b8b63dc416516bbb6d734e3e9875f09
ec1d694ca0dfaaaa1ebc35e76d2909a61b9dc50f07d4504a6046448657a846cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2e7758b54a276222a25cf3bcdf020d9f7e76eab53f827f21fc2125a202e1c
f3f689fc1829b9fe632712c5bd0dc2e12a1b99536dbd866166970cf893ecb92f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd334905204cb6621838b7b073ded9a9027c470a5b509061b1113391ba725cbc

convenientcovidtesting.com Open in urlscan Pro 2606:4700:3034::6815:4c1d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

116 Requests

85 %HTTPS

42 %IPv6

51 Domains

62 Subdomains

54 IPs

8 Countries

7042 kBTransfer

19363 kBSize

58 Cookies

0 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

convenientcovidtesting.com Open in urlscan Pro
2606:4700:3034::6815:4c1d Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

85 %
HTTPS

42 %
IPv6

51
Domains

62
Subdomains

54
IPs

8
Countries

7042 kB
Transfer

19363 kB
Size

58
Cookies

116 HTTP transactions
1 data transactions