groansoo.top Open in urlscan Pro
104.21.0.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7342544774928269416&website=26345-928a1496-5cbe...
Effective URL:
https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=786958...
Submission: On March 05 via api (March 5th 2024, 9:21:43 pm UTC) from US — Scanned from US

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 6 countries across 16 domains to perform 73 HTTP transactions. The main IP is 104.21.0.185, located in and belongs to . The main domain is groansoo.top.
TLS certificate: Issued by E1 on January 15th 2024. Valid for: 3 months.

This is the only time groansoo.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.68.81.31 51.68.81.31	16276 (OVH) (OVH)
1 1	104.26.7.190 104.26.7.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:303... 2606:4700:3036::6815:670	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1362	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 1	35.204.59.16 35.204.59.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
31	104.21.0.185 104.21.0.185	() ()
1	2a02:6b8::1:119 2a02:6b8::1:119	() ()
2	139.45.195.8 139.45.195.8	() ()
2	139.45.197.248 139.45.197.248	() ()
73	9

1 51.68.81.31 (France) 1 redirects

ASN16276 (OVH, FR)

cimentbuilder.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.190 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

admoustache.aftrad-visit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:670 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mety.panparan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1362 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

05790.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

vmvne.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.59.16 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.59.204.35.bc.googleusercontent.com

get.contenfordphone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.64 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

ptaumtee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
berokoaleske.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.21.0.185 (None, )

ASN- ()

groansoo.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::1:119 (None, )

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (None, )

ASN- ()

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.248 (None, )

ASN- ()

arleavannya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	groansoo.top groansoo.top	235 KB
4	panparan.com 1 redirects mety.panparan.com	6 KB
2	arleavannya.com arleavannya.com Failed
2	rtmark.net my.rtmark.net	1 KB
1	yandex.ru mc.yandex.ru
1	berokoaleske.com 1 redirects berokoaleske.com	824 B
1	ptaumtee.com 1 redirects ptaumtee.com	651 B
1	contenfordphone.com 1 redirects get.contenfordphone.com	270 B
1	vmvne.click vmvne.click	336 B
1	05790.click 05790.click	854 B
1	addlnk.com cdn.addlnk.com	1 KB
1	aftrad-visit.com 1 redirects admoustache.aftrad-visit.com — Cisco Umbrella Rank: 979210	555 B
1	cimentbuilder.one 1 redirects cimentbuilder.one	425 B
0	offpichuan.com Failed offpichuan.com Failed
0	ofklefkian.com Failed ofklefkian.com Failed
0	datatechonert.com Failed datatechonert.com Failed
73	16

	Domain	Requested by
31	groansoo.top	vmvne.click groansoo.top
4	mety.panparan.com	1 redirects mety.panparan.com
2	arleavannya.com	groansoo.top
2	my.rtmark.net	groansoo.top
1	mc.yandex.ru	groansoo.top
1	berokoaleske.com	1 redirects
1	ptaumtee.com	1 redirects
1	get.contenfordphone.com	1 redirects
1	vmvne.click	05790.click
1	05790.click	mety.panparan.com
1	cdn.addlnk.com	mety.panparan.com
1	admoustache.aftrad-visit.com	1 redirects
1	cimentbuilder.one	1 redirects
0	offpichuan.com Failed	groansoo.top
0	ofklefkian.com Failed	groansoo.top
0	datatechonert.com Failed	groansoo.top
73	16

This site contains no links.

Subject Issuer	Validity	Valid
panparan.com GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
addlnk.com GTS CA 1P5	`2024-02-04` - `2024-05-04`	3 months	crt.sh
05790.click R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
vmvne.click R3	`2024-02-28` - `2024-05-28`	3 months	crt.sh
groansoo.top E1	`2024-01-15` - `2024-04-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
arleavannya.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US
Frame ID: DF7029022353CA7D4D2ADAA3FB6E8AE6
Requests: 68 HTTP requests in this frame

Frame: https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: B7115B71AA7E86CC893F8EB879B3BB6C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7342544774928269416&website... HTTP 302
https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008... HTTP 302
https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNB... Page URL
https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub19c69f14697341d0b9cbb492798abf05&plac... Page URL
https://vmvne.click/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3... Page URL
https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1709673699aff4a3c31e28430... HTTP 302
https://ptaumtee.com/link?z=6510871&var=2243_29611306&ymid=65e78ce4eae3fd0001a6d569 HTTP 302
https://berokoaleske.com/link?z=6968411&var=${zone_id}&ymid=${SUBID} HTTP 302
https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=201696... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

73
Requests

56 %
HTTPS

25 %
IPv6

16
Domains

16
Subdomains

9
IPs

6
Countries

244 kB
Transfer

1010 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7342544774928269416&website=26345-928a1496-5cbe6122&placement=26345&eyeg=3&eyer=0.25233338930092786&eyei=0&eyew=1440&eyeh=900&eyetd=210&eyef=ref.beheracrossa.com HTTP 302
https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008a57863bc05807c0c47f971f1022440d0305-202403-flb*5738009-ccc5a*m7342544774928269416*sl_5738009-ccc5a*e1850427a0e148616c7fd7352c886550d825674c*26345-928a1496-5cbe6122*26345 HTTP 302
https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf Page URL
https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub19c69f14697341d0b9cbb492798abf05&placementName=5d45d13c Page URL
https://vmvne.click/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1709673699aff4a3c31e284301a100a424%26sub5%3D29611306&do=ae233a93ff175da17697e6def7e02606 Page URL
https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1709673699aff4a3c31e284301a100a424&sub5=29611306 HTTP 302
https://ptaumtee.com/link?z=6510871&var=2243_29611306&ymid=65e78ce4eae3fd0001a6d569 HTTP 302
https://berokoaleske.com/link?z=6968411&var=${zone_id}&ymid=${SUBID} HTTP 302
https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7342544774928269416&website=26345-928a1496-5cbe6122&placement=26345&eyeg=3&eyer=0.25233338930092786&eyei=0&eyew=1440&eyeh=900&eyetd=210&eyef=ref.beheracrossa.com HTTP 302
https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008a57863bc05807c0c47f971f1022440d0305-202403-flb*5738009-ccc5a*m7342544774928269416*sl_5738009-ccc5a*e1850427a0e148616c7fd7352c886550d825674c*26345-928a1496-5cbe6122*26345 HTTP 302
https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf

Request Chain 2

https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

a91581ead4 Show response
mety.panparan.com/rc/
Redirect Chain

http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7342544774928269416&website=26345-928a1496-5cbe6122&placement=26345&eyeg=3&eyer=0.25233338930092786&eyei=0&eyew=1440&eyeh=9...
https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008a57863bc05807c0c47f971f1022440d0305-202403-flb*5738009-ccc5a*m7342544774928269416*sl...
https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf

2 KB
1 KB

371ms
244ms

Document
text/html

2606:4700:3036::6815:670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835d90e4f7e6b3b7330b394ed4ed9ca362ef806cf7d373247660a47b1688e744

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fd281ffc0732d0-EWR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 21:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MGi%2BDaW3C1nOf7s1XBLP7oPi5LAj6aVIJFENklMJW2VQ2hZ3y2REQoCH47AWNhfLqN%2BSy6siqEvHx%2B1ghYspwHf2xnlANIKN4TTv6lHI8Fs5VdWVCfVB79cw1Z8AaIf%2FF5saKO24SmYgkOY9RKfEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 85fd281daace6a4f-EWR
content-length: 195
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 21:21:37 GMT
location: https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx0pc%2B2W4vj6rRsqZer8XR1puY69zEZec1X5Sz1I%2BS78CNUgPV9Pq6Cjjxt3URLJzVZYjTxfBvCiwxJRwnDNl299f58IBOiqfcqEyk614Yl3RS1ROCeZFCnvS%2FOJ%2BqWeCDJTXc8Cj1x0SjikAHk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 518ms
112ms Stylesheet
text/css 2606:4700:3034::6815:1362
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E9AYJ9XB99W6EV0M
age: 6080
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oEPNQVHTui2ieRjfzFq6frPLloJJiy2q6MCQyw+q33XkFna8+jQXmfY5pnS3RJ1Q7nauiuX2Vqc=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51JgYjBCnkzikyw3JLpvffnl5bKrYVzuMmouTbR3sN%2BEpM02YOSuxD1Ozf599Qc7x%2F3Nme2SBmeZm3qH2F2ZLS5qtNuD01CTcuOoQ529084fBFtJb6U6J6sChRV77I2tldYQwYgSFtewaDvvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 85fd28242b0c32dc-EWR

GET
H2

200

main.js
mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame B711
Redirect Chain

https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

8 KB
4 KB

124ms
124ms

Script
application/javascript

2606:4700:3036::6815:670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

Protocol

Server

2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B138DCfeAFTf4AmJlch3kHOtL%2FMCGz%2BGEe8yUqo4ULmrlZPeg1LBp7wkdXbVIAMtVvHBjTdcuXFk6e1lxTXfY9cA2aa6yXEU29WPzq9hv84CA%2FGXyLwm0DsU5le90UOOMNvrpzPolz613m36%2Bsl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85fd2825b98432d0-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 05 Mar 2024 21:21:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68JRwhTOvWzRog%2BmHgBarw7a8d4%2Fn4PU9Oq5pLJ7SJH2TxbJl%2F%2B9k7nQ0YM9a73ebsqmwtJ2yMiIiXlT6vqKt5jfC3Hwo1ZJO1enAVaWL8s5HiNDorZ%2BmohPqEymKb2Fn0a8tWR4%2Beh4hj3iid1DXA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 85fd282518f732d0-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
05790.click/692fdd6300e7c8ac6d37/d93493d774/ 646 B
854 B 1050ms
187ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub19c69f14697341d0b9cbb492798abf05&placementName=5d45d13c

Requested by

Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=2014Fhk1bm5Q2nym3L3XsJrnFL6jJrV79smV3cxJrHnPmC1jmapNBZuctvQNAox38b1X8S&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 21:21:39 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

POST
H3 200 85fd281ffc0732d0
mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B711 0
641 B 48ms
44ms XHR
text/plain 2606:4700:3036::6815:670
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/85fd281ffc0732d0
Requested by: Host: mety.panparan.com
URL: https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 21:21:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYQmop2mmTo6JEEIgYfqCMy%2FZ%2FtMwexqsACIa%2BnOO1CAPL0Jmd2t2szi9E7iAJbhjd5POqs1oLYz5mDVXb9n5PiOkMElCqYMRO7snS7ixksIUcrvLCkrmWyzVOfKTZF%2BY71ktklWrzHYX7IE%2Bd5Y8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85fd28275ebf5e70-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 go.php
vmvne.click/ 593 B
336 B 568ms
256ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://vmvne.click/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1709673699aff4a3c31e284301a100a424%26sub5%3D29611306&do=ae233a93ff175da17697e6def7e02606

Requested by

Host: 05790.click
URL: https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub19c69f14697341d0b9cbb492798abf05&placementName=5d45d13c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.8.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://05790.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 21:21:39 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Primary Request sweeps-survey.html Show response
groansoo.top/
Redirect Chain

https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1709673699aff4a3c31e284301a100a424&sub5=29611306
https://ptaumtee.com/link?z=6510871&var=2243_29611306&ymid=65e78ce4eae3fd0001a6d569
https://berokoaleske.com/link?z=6968411&var=${zone_id}&ymid=${SUBID}
https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US

8 KB
4 KB

606ms
280ms

Document
text/html

104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US

Requested by

Host: vmvne.click
URL: https://vmvne.click/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1709673699aff4a3c31e284301a100a424%26sub5%3D29611306&do=ae233a93ff175da17697e6def7e02606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb9d3e9e4ad2bd4e53a18ca322f49f4cf00c64ca19e03c8384019377552eec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmvne.click/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1709673699aff4a3c31e284301a100a424%26sub5%3D29611306&do=ae233a93ff175da17697e6def7e02606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fd283aea5cc3f3-EWR
content-encoding: br
content-type: text/html
date: Tue, 05 Mar 2024 21:21:41 GMT
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqh2ZmXX%2FxJY6XkdGozIfrrlakFI6vZv4GICso%2FQd8Dm8PUQDMY6yZ7j%2BUDqDXEIQihLdA1hA6aYag5VPA1PwK%2BQcfjZ1M87%2BQW%2Bipor019Q8o2FrucPnzLd8bMj51c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Tue, 05 Mar 2024 21:21:41 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://groansoo.top>; rel="dns-prefetch preconnect"
location: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff
x-trace-id: 9285ec893caeb386e9734e4b5eb71fbd

GET
H2 200 _rtc.1772caa1.js Show response
groansoo.top/js/ 12 KB
5 KB 103ms
102ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/_rtc.1772caa1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4975f5a7924743f31e435dd796c5a476bab4087f33d49097398a3b368f5ef820

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-2fbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8V68U1Wdj9oD2Ap9hv6iCj39%2BcJpcsKJ%2Fp8PZuDS4DDsX3rOQG9sQ86TAz1l%2FTZtFpWur2wWR959FGas3KSYUAUHb6ypyTJ2QbQA4uEW5uLtJvYXf8CJ4njRr3CqBB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283ccd02c3f3-EWR

GET
H2 200 v-index.js.aa165aa7.js Show response
groansoo.top/js/ 40 KB
14 KB 101ms
98ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-index.js.aa165aa7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb64ac6f21dc78d280c3766d677e59c0b9791ca9402097bdd49301072b55a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=40988
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-a01c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv2XA8TuUj0d0M%2Ftj7vumzFpgUMYnX6Nj3BdTUK4ZB6uqMxjxZqySeyp6WKvYS2q3pNE3RsuP%2Fz8GbVuXu%2FjLgQ9caxuJjG5gzI09g5GHgICi6n41xpS5zEkzuiLHfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283ccd03c3f3-EWR

GET
H2 200 s-storageService.js.7b388b68.js Show response
groansoo.top/js/ 2 KB
1 KB 221ms
217ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/s-storageService.js.7b388b68.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8ec1508e01560b5dc7de1be7bb2ff0de3b8dc4ad61f29ec433a1f9f725fa238a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MX3oi%2BgNZhRMPv3zlSyU%2FYoV58QX0TsDXfBNRSItfH59P9NifxPG8LrarSJWa%2FtN%2FkzDXv9CALtR%2FB%2Fqq8uZiWONgC6AQ1eKxrT48U%2BOLpugOuxDMHWpOWa7AwRIWkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd5ec3f3-EWR

GET
H2 200 s-checkSessionStorageAvailable.ts.328e2c88.js Show response
groansoo.top/js/ 330 B
487 B 219ms
215ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/s-checkSessionStorageAvailable.ts.328e2c88.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f187adbe5338c3d7bb4afa22cd9ff5eedda1f82d89f64ce5f6f078b48548ca72

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvyV8d2EXFhml0gPqWWHdHC8tL%2FS9lGjx1wBlnCRQCU7YwgxXOlEeIwmjMW5r0SwAgKOIuHFCsKuXfvO%2Fcce73eW8sJje%2BYXtn0dZMFC4YwebmJCGNrVMrd19YX3jWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd60c3f3-EWR

GET
H2 200 s-checkLocalStorageAvailable.ts.364af98c.js Show response
groansoo.top/js/ 330 B
492 B 220ms
216ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/s-checkLocalStorageAvailable.ts.364af98c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f1076eacbcc8fd7c7b0ec60ee7a9f5ca33ab9a1fca61528c3ff4b47368e412a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82LGXYCofh7HhJmfXmKeuiVU3Zh%2F6AUQHHK%2By%2BaftgByjphJCZYA9qpVpfKG%2BJEbXXoK8qz2E1VJOVVKBjjKmQluDbeDP7P5QeTB9KxUTXkPPPMsgg%2BX1ul97CBtSkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd63c3f3-EWR

GET
H2 200 v-redux-toolkit.esm.js.98abe0a5.js Show response
groansoo.top/js/ 11 KB
5 KB 270ms
267ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-redux-toolkit.esm.js.98abe0a5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fa4e661cf1c3971a2b6dab948956f7a3f2a02c9ed3c5facb802f8b7bd2d53581

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-2c37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bfl52TxgKqrBtvz7INZAclbcUppitthBaYPxktCPTc390abYPG69KFcN2riw1AQY5teAAJhxWKzyH4jy0XCVjPF6PuPp6iEw1JPTHKO20UAza%2FjrNR%2BBwDz4B6rWWjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd65c3f3-EWR

GET
H2 200 _each-land-config.8c62fc40.js Show response
groansoo.top/js/ 70 KB
21 KB 272ms
269ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/_each-land-config.8c62fc40.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

48bc3edbcf98e4ece598dca8a08f10947a1126cbe6b0a220f02d0e89426ff6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=71784
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-11868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwTgNwtnZfDPVlZbfPqukwB8GLvXXQwW%2FUI%2BOMQZ25TNVriFINyFWaUo3QAHomTeO6FScDRhJgBEoWcmrOFAvetIQbAN%2FrkR%2Bk3p3bm9oJ8qyzUxoaZLt9oMC%2BR%2BCz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd68c3f3-EWR

GET
H2 200 v-react-dom.production.min.js.00a08f5d.js Show response
groansoo.top/js/ 126 KB
41 KB 274ms
271ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-react-dom.production.min.js.00a08f5d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

80aaeb08262bbe3bb282f3b142fca4298823dd0b5fbc4ce5147b646a5c15eec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=129359
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-1f94f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ax1t38ghIsjkaB39mu4OTd%2BCm%2FO18slIJsx2V8HMSemEzBr%2BxCKdZfLc1jalOEoJu6uypxRCIqshJF%2FU92ZNK%2Fj3nntIAshiSOOCOrZQ7R3JUkRTeKHSyfg%2BqFHydzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283cfd69c3f3-EWR

GET
H2 200 _core-survey.6e5cd820.js Show response
groansoo.top/js/ 165 KB
44 KB 420ms
418ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/_core-survey.6e5cd820.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb79473a96132395cc94f5c4fcd7974904cf5f3a87542802111ff5af3ca1d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=168746
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-2932a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaNJkfrJjCVYoJJ2o42wOxYqGq1CnLIRE8kUwoQjxxMlDaAPElcwWuM1l1mo137H%2B3IyxVEot4C6G4V6flSJn9IfGnGR5SS3GsHG3PP3SxC0DDz8D56VnJhT%2BxIiAzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283d1da7c3f3-EWR

GET
H2 200 sweeps-survey.b9da1582.js Show response
groansoo.top/js/ 6 KB
3 KB 418ms
415ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/sweeps-survey.b9da1582.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d8fdbb2ea94e51703933b2e59a5397affb025d2ca34fc98ea7b7f28d1f3b57d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-16d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ss9U3kPY4zElESMLnhh5Gp3hERJIcIuqSZeBlOUWqWv1UEoPlrFzafqTp9YFatIOCky7KFu%2FW3QjZd%2BLHD594N4t78tG%2FxCfeFeq1Mw9j32Nhfhotn0DYZyouQuh52Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283d1daac3f3-EWR

GET
H2 200 _core-survey.d3ac2ee0.css
groansoo.top/css/ 83 B
398 B 103ms
100ms Stylesheet
text/css 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/css/_core-survey.d3ac2ee0.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=84
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kgzUbemE19WJMun%2FzJYx3UyNs%2FY0gulzQ8eexpB5xOTMn40%2F6GEEZPJettwwMuFdVTzsvE5x4MBM5WrEJVdxWMGOmtuusVin3qKTP%2FjvOksSE86bLNEg6LqjjCcDlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 85fd283cdd2cc3f3-EWR

GET
H2 200 sweeps-survey.f790ab2b.css
groansoo.top/css/ 91 KB
34 KB 104ms
101ms Stylesheet
text/css 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/css/sweeps-survey.f790ab2b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4783dfbdc80ead5b62e8f53188ea61b7f0836604c74ee43c065589807783290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2054
cf-polished: origSize=93615
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-16daf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYOw5aIn3bCjDphhWnCR8AHOx75DwHAwg87U9%2BE3oxr7SfI7pBuBHpy%2BEWRY1%2FHj6IyWD5snasrOlHdbRWtyjmZWxNFly8EV0RnESwXoG6Ck9NFqZT%2B2bNwZpbvYZwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 85fd283cdd2dc3f3-EWR

GET
H2 200 tag.js
mc.yandex.ru/metrika/ 113 KB
0 902ms
339ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Mar 2024 11:37:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65e1be04-1192e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71982
expires: Tue, 05 Mar 2024 22:21:42 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 496ms
174ms Fetch
application/json 139.45.195.8

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=ibs6wbuhbo3rm3uoxd93inodkh3lmu4i

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_each-land-config.8c62fc40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1ab7b2527aff1aa5f3fd3f4f25efa64b5a051f9dadcf20181c4974a6e59eba36

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://groansoo.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 sd-11956037-en.js Show response
groansoo.top/js/config/sd/ 6 KB
3 KB 108ms
107ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/config/sd/sd-11956037-en.js?v=10

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_each-land-config.8c62fc40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

607fe363c1f0dee454620e29dd454d64f7ebe28fdc15c666082760fafc63edea

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://groansoo.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7092
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-18cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBiYBhTyav6Lhv%2BVV3do4YZzlWvyUolQbOiHTxk3ps%2BE%2FyLR%2BpJGfNhaUZTZeVMmIkco2DuFj61B9A7viH41sRefLEQeM5Ws2H%2Ba3rBZJtQo1LlqqPOGqkCRQXwOrLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283eb8fc5e6a-EWR

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/webp

POST sync-metrics
arleavannya.com/ 0
0

OPTIONS
H2 200 sync-metrics
arleavannya.com/ Frame 0
0 427ms
168ms Preflight 139.45.197.248

General

Check archive.org

Show headers Download Go to

Full URL

https://arleavannya.com/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://groansoo.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://groansoo.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Tue, 05 Mar 2024 21:21:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H3 200 micro.tag.min.js Show response
groansoo.top/pfe/current/ 27 KB
11 KB 240ms
239ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/pfe/current/micro.tag.min.js?z=6954462&sw=/sw/sw6954462.js&var=6968411&var_3=788991158715167389&var_4=null&ymid=${zone_id}&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_each-land-config.8c62fc40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65df2369-6a26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJfW3fMQMM2Qpmqozt7%2BRxtwfPlB4LejbOMiNp4Tw9C3u6t3jZmvNG%2Fo1fPJOkBO%2FyWoH5PkaxkWxBVg2ik%2Fqtgy22H%2BTozNNSqEjJOidNx%2BVoszRdYgWuQzWaXvk%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283f79d85e6a-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 stattag.js Show response
groansoo.top/pfe/current/ 19 KB
8 KB 34ms
33ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/pfe/current/stattag.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7091
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-4a6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G4oqwWga7jS0hB9833RG1hpPPwC6bg8CFZE271mnlddHmQ2ocEPiCYv3Dq6NFgjcVPS95DkjJ28HL1QvAU82tco0DlfFer7jRq%2BePEl8pogbFEz1m9oHMTOSNN563I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd283fda2a5e6a-EWR

GET
H3 200 en-sweep.json Show response
groansoo.top/js/config/comments/ 5 KB
1 KB 216ms
215ms Fetch
application/json 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/config/comments/en-sweep.json

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba9996bb189c0214098e767af678c6f9ecfc70edd78543b0ecc84e7793303c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65df2368-12f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmUsBcrKngShabQsa50oH5K49x%2Ffb1y5imlA6%2FEEsEIlb4DQJXAdNZqgXYs0b%2FkVfwlhVE%2FMMWRmdu7qc2ePCxE4IjOJoO8VytNazLCOq0qZQvSCj6DILFTmGkVCTXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 85fd283ffa915e6a-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookie-consent-1.json Show response
groansoo.top/js/config/dict/ 7 KB
3 KB 196ms
196ms Fetch
application/json 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/config/dict/cookie-consent-1.json?v=10

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_each-land-config.8c62fc40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65df2368-1a65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcGVnqHQ%2B9AAoW58zU13KHLXy3oheWISUXUFsn%2Fw9M8QSx4DgvjAoIlMbP7%2BvtqKjQ4ClzQfABdT2f82a%2B4e%2FwRKj9iEsf2Y6Pp4tHNQwLzJNJP4o8QKgT2Be2HexbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 85fd283ffa9a5e6a-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 SweepHeader.8e7220ee.css
groansoo.top/css/ 369 B
686 B 31ms
31ms Stylesheet
text/css 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/css/SweepHeader.8e7220ee.css

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7091
cf-polished: origSize=370
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-172"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFEmScbfCxXXFJ7I6aKQGQv%2F2M86j7HxnDh5MJL5pxGJNHwzul4wsNLupfLA8j1XQlcLwY%2F9MQSHEptHGviYedw52WqDLD3eoivrEAdLfFW1kV24bm0MGJHFZnGd%2Fmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 85fd28400ab35e6a-EWR

GET
H3 200 SweepHeader.60e770f7.js Show response
groansoo.top/js/ 1009 B
970 B 64ms
64ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/SweepHeader.60e770f7.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f6645cd9c6a9901c287eea686823e2d1872ee49bd9e89f4fe304223e9563ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-3f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw39MBQuzBDkFD8fmZmaHQ%2BHHnOkgHKx6iqX48qfNpAtAB0E0uHhpEH8w%2BdQyVMpBcsHWva1Pe%2FeqZyKEPrFyLv6ppBtxUDGvj8vudHR1qkThQz9KVny1voiw4RAAxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ab85e6a-EWR

GET
H3 200 v-index.mjs.1f3547dd.js Show response
groansoo.top/js/ 34 KB
8 KB 35ms
35ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-index.mjs.1f3547dd.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

10ddb6a2f5118427a59f0b3c57df61e66e5fa25266f70e8edb2cb10e2c59013c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-89d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St6SRhFbpjBk44mpkTbX4BuYGUQ1NYRNh0yUGgUY6DbNpb1vC6NlVwp1t4gbcbPLHPeb36becV6IgtMcVrzl8eKiTTtBOtHmX6j0Eu7XAbRY%2B6akzZv6bWba7J6fPg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401abb5e6a-EWR

GET
H3 200 v-node.js.6e6a61fb.js Show response
groansoo.top/js/ 6 KB
2 KB 63ms
63ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-node.js.6e6a61fb.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

24c714c0d7489a9d7ec5b591b4c5bdc7a9081977dd9221947bcf101cc80f1d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-186b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTzCGf7v27VCLNVKI78UTFxaAmMq791B1PthZpJkHsTP4aRgk8WzcxUqeLaWRzv49%2Bik6Q6BUr5%2Fvte8i1K99wc08TQ4UiFKBebjCToA8%2FC%2FFPbnGBJXCpS89%2F%2FNm08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ac35e6a-EWR

GET
H3 200 v-possibleStandardNamesOptimized.js.5c80d7cf.js Show response
groansoo.top/js/ 7 KB
3 KB 78ms
78ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-possibleStandardNamesOptimized.js.5c80d7cf.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3efdbf9d4fcdf1f062a54171bc8be6ee64dcc0c67fb26c8c15976bef2c8731a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-1d99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vafwzhA51hAR5qtRF01jHFqNvg%2FVwK9Y6hvJAIB2r6eYORWHASPeIDPSMsQT1fSxNFBDGQSCiAzIP9AVq2ELUoc8lO%2F7lGudf1zx1yKOxjj4gdPF7ALz%2Fev%2B%2Be2dn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ac55e6a-EWR

GET
H3 200 v-utilities.js.0b42a76d.js Show response
groansoo.top/js/ 3 KB
2 KB 35ms
35ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-utilities.js.0b42a76d.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ada90af30448feaa59551953c9f22d79b6ccc4dadfe6cbee1472d179fd0f0cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-a11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDSa9Bxd9KG3%2BWOzmrYwiU673aJO7E%2FtsRYpLS3qeXrPL1juw58LMiX4XVfIUuTK36cEhdDgJtznZIKwNFEKubXE1hseT95GfzKLa3mI7%2B3BQXS9LqPIZjRl%2FFsCEe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ac65e6a-EWR

GET
H3 200 v-domparser.js.7cfe031d.js Show response
groansoo.top/js/ 2 KB
1 KB 79ms
79ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-domparser.js.7cfe031d.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6513f3043f6406e34c88c03f2c42404e08ed2e6135604df8d50d483692510cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7086
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-6b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1xL0i151PPx5nn5pWQFZ1yEk9KGGtyiAw1xMUgxkluuVy5F86vK2FWwp2mklyIptOFLeKCsG6JbJ3lgAP9EeUWKzt93dUFaVjHaikiVSLlzaejCDARn8DGN%2FKIZKew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ac85e6a-EWR

GET
H3 200 v-dom-to-react.js.6ea65e02.js Show response
groansoo.top/js/ 1 KB
1 KB 80ms
79ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-dom-to-react.js.6ea65e02.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f74bd69fe12528ab302b7f8c53e8afd730f4a48e938ad29fa2269c1e562a76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7086
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-43d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dl32EXa%2BG7nYAZIgBuf%2BDcra2u1p1Cut9PXovGGA%2FyQXvZKooeFRjljEr1ZMe65wZluRlyLTQPg0ANx%2FCAK7%2Fh7gAJgdJyvZB1ih16fegyacoI7XM1ubsF1w70l9DXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ac95e6a-EWR

GET
H3 200 v-attributes-to-props.js.4ba424fa.js Show response
groansoo.top/js/ 702 B
932 B 80ms
79ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-attributes-to-props.js.4ba424fa.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

15fe065c2a59fdf723583841a3c9e328fc8df5fa0481e4744c15655a5756010f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7086
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:29 GMT
server: cloudflare
etag: W/"65df2369-2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBdGtzFpFTCn5Ip2fSwnlWBZ1PsUeSddnPIBxTEFwKEvQ6nOR%2Bz3PbO8Px13xITSTV%2BMzx6EiZ%2BmufJ%2BEfcjzZgW7iJAMptqiJKjwN9hN51IZ9AiWcr9bye5tkEBL5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401acb5e6a-EWR

GET
H3 200 v-html-to-dom.js.e4de7a6e.js Show response
groansoo.top/js/ 364 B
723 B 37ms
36ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-html-to-dom.js.e4de7a6e.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

257552eea73f70a4d7c21c3a55f6ca8326047b7958598f27497bddf0c9131b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7086
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-16c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8OYJHBptP%2BP1frHlz96XoqFJTqnNaqr8zL9zu9qhvFPednSdVgexJb9eI5HvKigeOpzaXE3TnvacS%2FrkIML1riBjBfmvoGiq2Y309Fq6iM5wgyAMmIDY1d2feauinc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401acc5e6a-EWR

GET
H3 200 v-constants.js.302423bc.js Show response
groansoo.top/js/ 600 B
823 B 80ms
79ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/v-constants.js.302423bc.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f60bc8ecca860f287680a5dc50d8d85b6afb00cd8ce35db480313d656c50da

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7086
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:31 GMT
server: cloudflare
etag: W/"65df236b-258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReUcN%2F0CsB%2FC7jcc14uRY1ADg4cRG0%2BIz%2Frn8IfNcsQ7dLo4UbPDWpQ8Jnt9UupPnY%2FEuQ6b440h9JSMuY06BDNamg3NOrum6bccJYyVu04L5ZHJuHPith5lAJwKKs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401acf5e6a-EWR

GET
H3 200 SurveyContainer.e4ddc868.js Show response
groansoo.top/js/ 56 KB
15 KB 80ms
80ms Script
application/javascript 104.21.0.185

General

Check archive.org

Show headers Download Go to

Full URL

https://groansoo.top/js/SurveyContainer.e4ddc868.js

Requested by

Host: groansoo.top
URL: https://groansoo.top/js/_core-survey.6e5cd820.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

640d9bbc9149771a338398d1f9b2e8797ab704dddea693ffd49c9acedeabfd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7085
cf-polished: origSize=57085
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: W/"65df2368-defd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBHkMTpI%2Fn6O3e29aFD61OH0N0GXin51yZSCAjoLwuRMnLG8SZ7hUVqHL6Bg9lgyJiirAx0xKmOqEMJpdKmtjdqxm2PTYRzug%2FhoGJ1iHGLaFfaSNMGw07dKkjgblLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 85fd28401ad15e6a-EWR

POST add
datatechonert.com/log/ 0
0

GET
H3 200 abstract-gift.png
groansoo.top/img/sweep/ 178 KB
0 33ms
33ms Image
image/png 104.21.0.185

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groansoo.top/img/sweep/abstract-gift.png

Requested by

Host: groansoo.top
URL: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US&utm_campaign=${zone_id}&utm_medium=6968411&utm_source=zd_7869586&utm_term=20169620&utm_content=zd_public_v2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.185 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7090
alt-svc: h3=":443"; ma=86400
content-length: 233638
last-modified: Wed, 28 Feb 2024 12:13:28 GMT
server: cloudflare
etag: "65df2368-390a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1dWMRDYRm2r7oe7Quah8idMBqslL3U3vo0oAEZ8n4G14PGG2KtuotBbiKUsbaOUqCP0%2B1OIlB6WVzvHyw7r6bGOORKJhgyKlDNIi5cMr836Hjdz%2BANmZnEDCnmDDWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 85fd2840dbc75e6a-EWR

OPTIONS
H2 200 sync-do
arleavannya.com/ Frame 0
0 175ms
175ms Preflight 139.45.197.248

General

Check archive.org

Show headers Download Go to

Full URL

https://arleavannya.com/sync-do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://groansoo.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://groansoo.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Tue, 05 Mar 2024 21:21:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST sync-do
arleavannya.com/ 0
0

GET sw6954462.js
groansoo.top/sw/ 0
0

POST zone
ofklefkian.com/ 0
0

GET confetti-1.webp
groansoo.top/img/rain/ 0
0

GET confetti-2.webp
groansoo.top/img/rain/ 0
0

GET confetti-3.webp
groansoo.top/img/rain/ 0
0

GET abstract-gift.webp
groansoo.top/img/sweep/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 183ms
180ms Fetch
application/json 139.45.195.8

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6954462&checkDuplicate=true&ymid=${zone_id}&var=6968411

Requested by

Host: groansoo.top
URL: https://groansoo.top/pfe/current/micro.tag.min.js?z=6954462&sw=/sw/sw6954462.js&var=6968411&var_3=788991158715167389&var_4=null&ymid=${zone_id}&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3170fa7e1cbd0da3b02a7760af50626aba361cf8b3aa9e2a26c0b8f0719e95fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:21:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://groansoo.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET zone
ofklefkian.com/ 0
0

GET person-sweep-1.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-2.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-3.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-4.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-5.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-6.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-7.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-8.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-9.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-10.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-11.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-12.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-13.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-14.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-15.webp
groansoo.top/img/comments/ 0
0

GET person-sweep-16.webp
groansoo.top/img/comments/ 0
0

GET rotate
offpichuan.com/ 0
0

POST sync-metrics
arleavannya.com/ 0
0

OPTIONS sync-metrics
arleavannya.com/ Frame 0
0

POST sync-metrics
arleavannya.com/ 0
0

OPTIONS sync-metrics
arleavannya.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Domain: datatechonert.com
URL: https://datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=3af204ae-c947-4b61-aa56-d75959ac66d5

Domain: arleavannya.com
URL: https://arleavannya.com/sync-do

Domain: groansoo.top
URL: https://groansoo.top/sw/sw6954462.js?var=6968411&var_3=788991158715167389&var_4=null&ymid=%24%7Bzone_id%7D&ab2_ttl=5184000000

Domain: ofklefkian.com
URL: https://ofklefkian.com/zone?&pub=0&zone_id=6954462&is_mobile=false&domain=groansoo.top&var=6968411&ymid=%24%7Bzone_id%7D&var_3=788991158715167389&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest

Domain: groansoo.top
URL: https://groansoo.top/img/rain/confetti-1.webp

Domain: groansoo.top
URL: https://groansoo.top/img/rain/confetti-2.webp

Domain: groansoo.top
URL: https://groansoo.top/img/rain/confetti-3.webp

Domain: groansoo.top
URL: https://groansoo.top/img/sweep/abstract-gift.webp

Domain: ofklefkian.com
URL: https://ofklefkian.com/zone?&pub=0&zone_id=6954462&is_mobile=false&domain=groansoo.top&var=6968411&ymid=%24%7Bzone_id%7D&var_3=788991158715167389&var_4=null&dsig=&tg=1&sw=3.1.472&action=settings

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-1.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-2.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-3.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-4.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-5.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-6.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-7.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-8.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-9.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-10.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-11.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-12.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-13.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-14.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-15.webp

Domain: groansoo.top
URL: https://groansoo.top/img/comments/person-sweep-16.webp

Domain: offpichuan.com
URL: https://offpichuan.com/rotate?zz=5866182;5866173;5866192;5866197;5866204&var=6968411&ymid=${zone_id}&uid=ibs6wbuhbo3rm3uoxd93inodkh3lmu4i&var_3={var_3}

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
05790.click/692fdd6300e7c8ac6d37/d93493d774	1970-01-20 18:56:00	Name: shown1 Value: 0
05790.click/692fdd6300e7c8ac6d37/d93493d774	1970-01-20 18:55:01	Name: total_impressions Value: 1
.panparan.com/	1970-01-21 03:40:09	Name: cf_clearance Value: abue8qCeGhlOSzsbPkrJEVPZoAqSlJc.f036Ka8VTmA-1709673698-1.0.1.1-Hsia8Gja6J7cI1u3X8tuFLs9JwpFYzJcZPaQRebP.CL5217VETokaJngiMStRLNjTXM7WMIc6YrGFg_LtQ_dzA
05790.click/	1970-01-20 18:55:01	Name: used_ad2911498 Value: 1
05790.click/	1970-01-20 18:56:00	Name: used_c_70714 Value: 1
get.contenfordphone.com/	1970-01-21 03:40:09	Name: afclick Value: 65e78ce4eae3fd0001a6d569
ptaumtee.com/	1970-01-21 03:40:09	Name: OAID Value: 0480163addcc46eefa2f39e8b4497f62
ptaumtee.com/	1970-01-21 03:40:09	Name: oaidts Value: 1709673700
berokoaleske.com/	1970-01-21 03:40:09	Name: OAID Value: 0480163226e74bdef9546da61eeed2f9
berokoaleske.com/	1970-01-21 03:40:09	Name: oaidts Value: 1709673701
berokoaleske.com/	1970-01-21 03:40:09	Name: OXCCLK Value: 7869586.1
berokoaleske.com/	1970-01-21 03:40:09	Name: allcnt Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US&utm_campaign=${zone_id}&utm_medium=6968411&utm_source=zd_7869586&utm_term=20169620&utm_content=zd_public_v2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US&utm_campaign=${zone_id}&utm_medium=6968411&utm_source=zd_7869586&utm_term=20169620&utm_content=zd_public_v2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US&utm_campaign=${zone_id}&utm_medium=6968411&utm_source=zd_7869586&utm_term=20169620&utm_content=zd_public_v2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://groansoo.top/sweeps-survey.html?offer_id=11956037&z=6968411&s=788991158715167389&b=20169620&campaignid=7869586&var=${zone_id}&ymid=788991158715167389&var_3={var_3}&geo=US&utm_campaign=${zone_id}&utm_medium=6968411&utm_source=zd_7869586&utm_term=20169620&utm_content=zd_public_v2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05790.click
admoustache.aftrad-visit.com
arleavannya.com
berokoaleske.com
cdn.addlnk.com
cimentbuilder.one
datatechonert.com
get.contenfordphone.com
groansoo.top
mc.yandex.ru
mety.panparan.com
my.rtmark.net
offpichuan.com
ofklefkian.com
ptaumtee.com
vmvne.click
arleavannya.com
datatechonert.com
groansoo.top
offpichuan.com
ofklefkian.com
104.21.0.185
104.26.7.190
139.45.195.8
139.45.196.64
139.45.197.248
185.66.201.43
185.66.201.8
2606:4700:3034::6815:1362
2606:4700:3036::6815:670
2a02:6b8::1:119
35.204.59.16
51.68.81.31
03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
10ddb6a2f5118427a59f0b3c57df61e66e5fa25266f70e8edb2cb10e2c59013c
15fe065c2a59fdf723583841a3c9e328fc8df5fa0481e4744c15655a5756010f
1ab7b2527aff1aa5f3fd3f4f25efa64b5a051f9dadcf20181c4974a6e59eba36
24c714c0d7489a9d7ec5b591b4c5bdc7a9081977dd9221947bcf101cc80f1d81
257552eea73f70a4d7c21c3a55f6ca8326047b7958598f27497bddf0c9131b2f
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
3170fa7e1cbd0da3b02a7760af50626aba361cf8b3aa9e2a26c0b8f0719e95fe
3efdbf9d4fcdf1f062a54171bc8be6ee64dcc0c67fb26c8c15976bef2c8731a7
4783dfbdc80ead5b62e8f53188ea61b7f0836604c74ee43c065589807783290d
48bc3edbcf98e4ece598dca8a08f10947a1126cbe6b0a220f02d0e89426ff6fd
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
4975f5a7924743f31e435dd796c5a476bab4087f33d49097398a3b368f5ef820
4ba9996bb189c0214098e767af678c6f9ecfc70edd78543b0ecc84e7793303c1
607fe363c1f0dee454620e29dd454d64f7ebe28fdc15c666082760fafc63edea
640d9bbc9149771a338398d1f9b2e8797ab704dddea693ffd49c9acedeabfd5a
6513f3043f6406e34c88c03f2c42404e08ed2e6135604df8d50d483692510cd3
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7cb9d3e9e4ad2bd4e53a18ca322f49f4cf00c64ca19e03c8384019377552eec3
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
80aaeb08262bbe3bb282f3b142fca4298823dd0b5fbc4ce5147b646a5c15eec9
835d90e4f7e6b3b7330b394ed4ed9ca362ef806cf7d373247660a47b1688e744
8ec1508e01560b5dc7de1be7bb2ff0de3b8dc4ad61f29ec433a1f9f725fa238a
a1f60bc8ecca860f287680a5dc50d8d85b6afb00cd8ce35db480313d656c50da
ada90af30448feaa59551953c9f22d79b6ccc4dadfe6cbee1472d179fd0f0cf3
bcb64ac6f21dc78d280c3766d677e59c0b9791ca9402097bdd49301072b55a86
be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d
c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
d8fdbb2ea94e51703933b2e59a5397affb025d2ca34fc98ea7b7f28d1f3b57d4
d9f6645cd9c6a9901c287eea686823e2d1872ee49bd9e89f4fe304223e9563ea
f1076eacbcc8fd7c7b0ec60ee7a9f5ca33ab9a1fca61528c3ff4b47368e412a5
f187adbe5338c3d7bb4afa22cd9ff5eedda1f82d89f64ce5f6f078b48548ca72
f74bd69fe12528ab302b7f8c53e8afd730f4a48e938ad29fa2269c1e562a76b3
fa4e661cf1c3971a2b6dab948956f7a3f2a02c9ed3c5facb802f8b7bd2d53581
ffb79473a96132395cc94f5c4fcd7974904cf5f3a87542802111ff5af3ca1d8b

groansoo.top Open in urlscan Pro 104.21.0.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

56 %HTTPS

25 %IPv6

16 Domains

16 Subdomains

9 IPs

6 Countries

244 kBTransfer

1010 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

groansoo.top Open in urlscan Pro
104.21.0.185 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

56 %
HTTPS

25 %
IPv6

16
Domains

16
Subdomains

9
IPs

6
Countries

244 kB
Transfer

1010 kB
Size

12
Cookies

73 HTTP transactions
1 data transactions