chrome.google.com Open in urlscan Pro
2a00:1450:4001:82a::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://group1.lol/whatspp.com/fxr0679pyfnauabEn
Effective URL:
https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb
Submission: On February 22 via manual (February 22nd 2024, 9:00:39 pm UTC) from ID — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 20 HTTP transactions. The main IP is 2a00:1450:4001:82a::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is chrome.google.com. The Cisco Umbrella rank of the primary domain is 2893.
TLS certificate: Issued by GTS CA 1C3 on February 5th 2024. Valid for: 3 months.

This is the only time chrome.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	46.4.29.237 46.4.29.237	24940 (HETZNER-AS) (HETZNER-AS)
1	149.7.16.236 149.7.16.236	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1	193.108.117.211 193.108.117.211	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:5681	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3038::6815:eb45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
20	12

4 46.4.29.237 (Bad Muenstereifel, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.237.29.4.46.clients.your-server.de

group1.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.7.16.236 (London, United Kingdom)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 236-16-7-149.clients.gthost.com

news-zacine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.117.211 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 211-117-108-193.clients.gthost.com

news-zisiyo.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5681 (United States)

ASN13335 (CLOUDFLARENET, US)

a.jsdelivr.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb45 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chrome.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
4	group1.lol 1 redirects group1.lol	157 KB
3	google.com chrome.google.com — Cisco Umbrella Rank: 2893 www.google.com — Cisco Umbrella Rank: 2	12 KB
2	iili.io iili.io — Cisco Umbrella Rank: 61816	32 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	33 KB
1	jsdelivr.plus a.jsdelivr.plus — Cisco Umbrella Rank: 877422	23 KB
1	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 120886 service.supercounters.com Failed	2 KB
1	news-zisiyo.cc news-zisiyo.cc	10 KB
1	news-zacine.com news-zacine.com	9 KB
0	amung.us Failed whos.amung.us Failed
20	11

	Domain	Requested by
4	fonts.googleapis.com	group1.lol
4	group1.lol	1 redirects group1.lol
2	www.google.com	chrome.google.com
2	iili.io	group1.lol
1	fonts.gstatic.com	fonts.googleapis.com
1	chrome.google.com	group1.lol
1	code.jquery.com	group1.lol
1	a.jsdelivr.plus	group1.lol
1	widget.supercounters.com	group1.lol
1	news-zisiyo.cc	group1.lol
1	news-zacine.com	group1.lol
0	service.supercounters.com Failed	widget.supercounters.com
0	whos.amung.us Failed	group1.lol
20	13

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
group1.lol R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
news-zacine.com ZeroSSL ECC Domain Secure Site CA	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.news-zisiyo.cc R3	`2024-02-19` - `2024-05-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
supercounters.com GTS CA 1P5	`2024-02-13` - `2024-05-13`	3 months	crt.sh
iili.io E1	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb
Frame ID: 2810FFAAC4A80E838350311A7A031B4C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Error 404 (Nicht gefunden)!!1

Page URL History Show full URLs

https://group1.lol/whatspp.com/fxr0679pyfnauabEn Page URL
https://group1.lol/lo.php Page URL
https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

288 kB
Transfer

387 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://group1.lol/whatspp.com/fxr0679pyfnauabEn Page URL
https://group1.lol/lo.php Page URL
https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://group1.lol/img.php HTTP 302
https://a.jsdelivr.plus/res/30689966/imgs/go/in/10.jpg?_=0.1

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 fxr0679pyfnauabEn
group1.lol/whatspp.com/ 668 B
541 B 407ms
41ms Document
text/html 46.4.29.237
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://group1.lol/whatspp.com/fxr0679pyfnauabEn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.29.237 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.237.29.4.46.clients.your-server.de
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 21:00:34 GMT
vary: Accept-Encoding

GET
H2 200 lo.php Show response
group1.lol/ 24 KB
7 KB 42ms
41ms Document
text/html 46.4.29.237
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://group1.lol/lo.php
Requested by: Host: group1.lol
URL: https://group1.lol/whatspp.com/fxr0679pyfnauabEn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.29.237 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.237.29.4.46.clients.your-server.de
Software: /
Resource Hash: bdeac8654f66ec4796a75d8d7c55279a0ee8ce407d258460cb2697df33c890b4

Request headers

Referer: https://group1.lol/whatspp.com/fxr0679pyfnauabEn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 21:00:34 GMT
vary: Accept-Encoding

GET
H2 200 https-v2.js Show response
news-zacine.com/code/ 9 KB
9 KB 167ms
51ms Script
application/javascript 149.7.16.236
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://news-zacine.com/code/https-v2.js?uid=141140&site=1219416546&banadu=0&sub1=sub1&sub2=sub2&sub3=sub3&sub4=sub4
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.236 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 236-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 04c659f68279c0cd072df97b69b806e46e31e9cd0e757e6e9c80cb108eee9d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
last-modified: Mon, 19 Feb 2024 08:40:22 GMT
server: nginx
etag: "65d313f6-230f"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8975
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 process.js
news-zisiyo.cc/ 26 KB
10 KB 217ms
77ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://news-zisiyo.cc/process.js?id=1219416546&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
562 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Requested by

Host: group1.lol
URL: https://group1.lol/lo.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af784c1cfb0603b97d3a02ab87ab1c8f43228efc2b0f87995c080ef1dbfb5b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 20:57:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:00:34 GMT

GET
H2 200 droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ 1 KB
382 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css

Requested by

Host: group1.lol
URL: https://group1.lol/lo.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 22 Feb 2024 21:00:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
741 B 136ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Nastaliq+Urdu:wght@700&display=swap

Requested by

Host: group1.lol
URL: https://group1.lol/lo.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb1f90ba4fe7e30d2a85062f7daf8ac400410146656fd533a0927ddf748fddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:00:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:00:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 134ms
47ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Nastaliq+Urdu:wght@400;700&display=swap

Requested by

Host: group1.lol
URL: https://group1.lol/lo.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9922b420a857abd4a4c1018fcdc3b05e2407bffeec3ff496d579e6d2260ac78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:00:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:00:34 GMT

GET
H2 200 online_i.js
widget.supercounters.com/ssl/ 4 KB
2 KB 179ms
70ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/online_i.js
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:46:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4378
etag: W/"6220aa82-10a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op0jij6uPW0jx0kaCnQFp7PFzDmfKKXpyn3GZhplBp51eWtTYermTaTnd7gFnTwFjTJErnoXzXmCtmm0GitJFm8R0zmV76dq1cW%2Bhg0oINhN50Rut6AAXAhIJ8%2B2SotzOjiZe1AP8jT%2FpoPs7x6daHL%2FmYElSBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 859a28cd7e616f94-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.jpg
group1.lol/ 149 KB
149 KB 40ms
40ms Image
image/jpeg 46.4.29.237
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://group1.lol/2.jpg
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.29.237 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.237.29.4.46.clients.your-server.de
Software: /
Resource Hash: bbceb038ece936d9851f0cb69e80037f3de3c769776ab3be6226f9f714231a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/lo.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-type: image/jpeg
date: Thu, 22 Feb 2024 21:00:34 GMT
cache-control: public, max-age=604800
last-modified: Thu, 11 Jan 2024 12:29:44 GMT
accept-ranges: bytes
content-length: 152675
expires: Thu, 29 Feb 2024 21:00:34 GMT

GET
H2

200

10.jpg
a.jsdelivr.plus/res/30689966/imgs/go/in/
Redirect Chain

https://group1.lol/img.php
https://a.jsdelivr.plus/res/30689966/imgs/go/in/10.jpg?_=0.1

22 KB
23 KB

166ms
52ms

Image
image/jpeg

2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.jsdelivr.plus/res/30689966/imgs/go/in/10.jpg?_=0.1
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687048723
age: 1894
x-guploader-uploadid: ABPtcPoNnuGffXATAL-yJwn7UQT_juAMUZ-p6FXd-Bo3hQ35ogvw4gS8Skk6_2RqNnlqrikoOwM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 22497
last-modified: Sun, 18 Jun 2023 01:04:17 GMT
server: cloudflare
etag: "e92dc45008a575244b15ccdcffc8ad48"
vary: Accept-Encoding
x-goog-generation: 1687050257159606
content-type: image/jpeg
content-language: en
x-goog-hash: crc32c=6++MKA==, md5=6S3EUAildSRLFczc/8itSA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUzkDCH9g%2Bw%2BZJxIFnFzTCXM2Nq1Y6RiXw9tnwweCu1Axz4XNFg5vrGuSEN9J9Kbqo5hXhKxpPLeZK7WbdJ55Va0MdSw%2FVA54DqtYedcO1ZacankZBPjQQxZvHDDHJXItb4K24Ga4iAX0K7kBXk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 22497
accept-ranges: bytes
cf-ray: 859a28ce3e3a0b4e-AMS
expires: Thu, 22 Feb 2024 21:29:00 GMT

Redirect headers

location: http://a.jsdelivr.plus/res/30689966/imgs/go/in/10.jpg?_=0.1
date: Thu, 22 Feb 2024 21:00:34 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 Ht256j2.jpg
iili.io/ 15 KB
16 KB 178ms
61ms Image
image/jpeg 2606:4700:3038::6815:eb45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/Ht256j2.jpg
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 304364
alt-svc: h3=":443"; ma=86400
content-length: 15721
last-modified: Fri, 04 Aug 2023 09:35:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMmpINFcKBawrFOOrsGZyoMWLu4roCJzhY3O4TP6PQyXg2zl83S08V3wutvUL20EQSKCIGoaRawSmI54mLkzIBZE8xpzUGh%2BTz3q0ddOsb6omDqSqnBWvIZIOBuNFWitKUryqYHn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 859a28ce6838c2f2-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ht25DYb.jpg
iili.io/ 16 KB
17 KB 175ms
58ms Image
image/jpeg 2606:4700:3038::6815:eb45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/Ht25DYb.jpg
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 304364
alt-svc: h3=":443"; ma=86400
content-length: 16513
last-modified: Fri, 04 Aug 2023 09:35:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQnXHc6fg80y07%2BFEf90u%2Bxw7XTV16tgA0hOLOX1dgpFe1ZNhEECV9IDHSyvKZLBSSI7HJyIK2VozBHtn57ozLIquX4oqqvCf6DUCVdWq2rL5QvrZTefWu8%2FUDJQIbtP7cvjLLQA"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 859a28ce683ac2f2-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-latest.min.js
code.jquery.com/ 94 KB
33 KB 181ms
58ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: group1.lol
URL: https://group1.lol/lo.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://group1.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 13833435
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-sof1510020-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708635635.958241,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5, 191374

GET /
whos.amung.us/pingjs/ 0
0

GET fc.php
service.supercounters.com/ 0
0

GET
H2 404 Primary Request ceffdbkknpflmgklmhoiifkkcihpepgb Show response
chrome.google.com/webstore/detail/value%20/ 2 KB
2 KB 177ms
84ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb

Requested by

Host: group1.lol
URL: https://group1.lol/lo.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bd1c73dfc4fbd77ac1c0c551496e7af7e668d3d65fa658f677337920a43a4fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tUdoNukWcVKa7_mfuAYHVA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri /webstore/cspreport require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/chromewebstore/2
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://group1.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tUdoNukWcVKa7_mfuAYHVA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri /webstore/cspreport require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/chromewebstore/2
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none; report-to="coop_chromewebstore"
date: Thu, 22 Feb 2024 21:00:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"coop_chromewebstore","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chromewebstore"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://group1.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 14:49:04 GMT
x-content-type-options: nosniff
age: 22290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 14:49:04 GMT

GET
H2 200 robot.png
www.google.com/images/errors/ 6 KB
7 KB 127ms
40ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/errors/robot.png

Requested by

Host: chrome.google.com
URL: https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chrome.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:07:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
age: 157966
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6327
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Feb 2025 01:07:49 GMT

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ 3 KB
3 KB 136ms
48ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: chrome.google.com
URL: https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chrome.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:00:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 21:00:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: whos.amung.us
URL: https://whos.amung.us/pingjs/?k=lopez24&t=VIDEO%20PANEL%20&x=https://www.whatsapp.com/

Domain: service.supercounters.com
URL: https://service.supercounters.com/fc.php?id=1682618&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.57%20Safari%2F537.36&ref=https%3A%2F%2Fgroup1.lol%2Fwhatspp.com%2Ffxr0679pyfnauabEn&url=https%3A%2F%2Fgroup1.lol%2Flo.php%23&sw=1600&sh=1200&rand=53

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 23:00:46	Name: NID Value: 511=ewE_UgdLfW18wnZSO91RiV6kca8hQNW85LskGEVRk2D1e5-vlaCopS3T4oPPb8qaEG8XOxAOsgHyJH1muEA0v7t-XBqaIlqUYkZr8he64z5T4qJCA8LxdLo0fmjIFwbgw4NhYxnPRQIGUBARs9-n-un940YIhsZKZQt7CDG-u4E

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://chrome.google.com/webstore/detail/value%20/ceffdbkknpflmgklmhoiifkkcihpepgb Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jsdelivr.plus
chrome.google.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
group1.lol
iili.io
news-zacine.com
news-zisiyo.cc
service.supercounters.com
whos.amung.us
widget.supercounters.com
www.google.com
service.supercounters.com
whos.amung.us
149.7.16.236
193.108.117.211
2606:4700:3032::6815:5681
2606:4700:3038::6815:eb45
2a00:1450:4001:813::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a04:4e42:200::649
2a06:98c1:3121::3
46.4.29.237
04c659f68279c0cd072df97b69b806e46e31e9cd0e757e6e9c80cb108eee9d10
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
2bd1c73dfc4fbd77ac1c0c551496e7af7e668d3d65fa658f677337920a43a4fa
5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7
af784c1cfb0603b97d3a02ab87ab1c8f43228efc2b0f87995c080ef1dbfb5b3c
b9922b420a857abd4a4c1018fcdc3b05e2407bffeec3ff496d579e6d2260ac78
bb1f90ba4fe7e30d2a85062f7daf8ac400410146656fd533a0927ddf748fddab
bbceb038ece936d9851f0cb69e80037f3de3c769776ab3be6226f9f714231a61
bdeac8654f66ec4796a75d8d7c55279a0ee8ce407d258460cb2697df33c890b4
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

chrome.google.com Open in urlscan Pro 2a00:1450:4001:82a::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

73 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

288 kBTransfer

387 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

chrome.google.com Open in urlscan Pro
2a00:1450:4001:82a::200e Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

288 kB
Transfer

387 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions