video4646.grooveblog.com Open in urlscan Pro
104.18.14.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cqo.be/flh1a
Effective URL:
https://video4646.grooveblog.com/?v=4
Submission: On October 25 via api (October 25th 2021, 8:25:57 pm UTC) from IE — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 104.18.14.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is video4646.grooveblog.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2021. Valid for: a year.

This is the only time video4646.grooveblog.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.202.14 172.67.202.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.18.14.3 104.18.14.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.22.52 104.18.22.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.16.124.175 104.16.124.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1 2	104.21.94.32 104.21.94.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.81.131 104.21.81.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
26	10

1 172.67.202.14 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cqo.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.14.3 (United States)

ASN13335 (CLOUDFLARENET, US)

video4646.grooveblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.52 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.124.175 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.94.32 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2bpr.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.81.131 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	grooveblog.com video4646.grooveblog.com	13 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
2	fbcdn.net static.xx.fbcdn.net	3 KB
2	2bpr.xyz 1 redirects 2bpr.xyz	10 KB
2	unpkg.com 1 redirects unpkg.com	163 KB
2	cloudflare.com cdnjs.cloudflare.com	9 KB
1	amung.us whos.amung.us	31 B
1	imgur.com i.imgur.com	9 KB
1	cqo.be 1 redirects cqo.be	3 KB
26	10

	Domain	Requested by
10	video4646.grooveblog.com	video4646.grooveblog.com
4	fonts.googleapis.com	video4646.grooveblog.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	static.xx.fbcdn.net	video4646.grooveblog.com
2	2bpr.xyz	1 redirects video4646.grooveblog.com
2	unpkg.com	1 redirects video4646.grooveblog.com
2	cdnjs.cloudflare.com	video4646.grooveblog.com
1	whos.amung.us	video4646.grooveblog.com
1	i.imgur.com	video4646.grooveblog.com
1	kit.fontawesome.com	video4646.grooveblog.com
1	cqo.be	1 redirects
26	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-26` - `2022-01-25`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://video4646.grooveblog.com/?v=4
Frame ID: 927FDD7FF06C047C0EFC4A7D13858760
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cqo.be/flh1a HTTP 301
https://video4646.grooveblog.com/?v=4 Page URL

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

233 kB
Transfer

2209 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cqo.be/flh1a HTTP 301
https://video4646.grooveblog.com/?v=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/tailwindcss@%5E1.0/dist/tailwind.min.css HTTP 302
https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

Request Chain 7

https://2bpr.xyz/async?&user=Wason07&html=mobile HTTP 301
https://2bpr.xyz/async/?&user=Wason07&html=mobile

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
video4646.grooveblog.com/
Redirect Chain

https://cqo.be/flh1a
https://video4646.grooveblog.com/?v=4

55 KB
7 KB

275ms
228ms

Document
text/html

104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef561f912604eb47ec5a3697da4c7f2811f58a7dd485742c56fa800e5a02406

Request headers

:method: GET
:authority: video4646.grooveblog.com
:scheme: https
:path: /?v=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 25 Oct 2021 20:25:52 GMT
content-type: text/html
last-modified: Fri, 22 Oct 2021 20:40:14 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a3e2d385becf9e6-PRG
content-encoding: gzip

Redirect headers

date: Mon, 25 Oct 2021 20:25:52 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
location: https://video4646.grooveblog.com/?v=4
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; preload
content-security-policy: default-src 'self'; connect-src 'self' https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://onesignal.com https://*.onesignal.com https://yoast.com https://*.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google.com https://*.google-analytics.com https://onesignal.com https://*.onesignal.com https://*.googlesyndication.com https://wcs.naver.net https://*.google-analytics.com https://*.google.co.kr https://*.doubleclick.net https://*.gstatic.com; img-src 'self' data: https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google-analytics.com https://secure.gravatar.com https://wcs.naver.com https://*.doubleclick.net https://*.w.org/ https://wordpress.org/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://onesignal.com; font-src 'self' data: https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://fonts.gstatic.com; frame-src 'self' https://*.doubleclick.net https://*.youtube.com https://*.cqo.be https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.c0de.kr https://*.googlesyndication.com https://*.cuo.kr https://*.cqo.kr https://*.nesez.com https://*.gooogle.com https://cse.gooogle.com https://*.noticecode.com https://*.nesez.net https://*.c-o.pw https://nesez.com https://www.google-analytics.com https://*.coa.pw https://*.conn.pw https://*.ampproject.org https://*.google.com; object-src 'none'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BtNVN%2B6S1qSvp%2BP2lxH6S8Elt%2F%2Bfw8li06kd7w9uLc%2FA0lNzocj3rqyYkkS9xvKpm7FP0GyvbmqV4WhZKe20%2Bvrs%2BYQQMkb99hpdQU6l0127aWtLuaDFKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a3e2d35fec82790-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 58ms
28ms Script
text/javascript 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://video4646.grooveblog.com/
Origin: https://video4646.grooveblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:52 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 2
strict-transport-security: max-age=31536000; preload
x-request-id: FrFf3uDHTjbkbFO3ULbB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6a3e2d3a1eb44131-PRG
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.1.0/ 9 KB
3 KB 50ms
21ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.1.0/mustache.min.js

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452b32f99948d551d5c7b6c6a5e4ddb8935e6413d2755c4e2cfe09aba75ff68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 661175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2384
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-23ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5YVtdn32ZHR90yu%2BrSSTfR2qt4qW%2FZ%2BFE4sjdkvV%2BvoyBtiH6cc4%2Fbuz5q6O3iz1TvFyVqZn%2BlnPr7VzquebBjUdV59Uav%2BE%2BIto3ZKvfU3Kb1sJBDAimwF5GGZUv%2BXFmvHVjNH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a3e2d3a1f782794-PRG
expires: Sat, 15 Oct 2022 20:25:52 GMT

GET
H2

200

tailwind.min.css
unpkg.com/tailwindcss@1.9.6/dist/
Redirect Chain

https://unpkg.com/tailwindcss@%5E1.0/dist/tailwind.min.css
https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

2 MB
162 KB

34ms
34ms

Stylesheet
text/css

104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tailwindcss@1.9.6/dist/tailwind.min.css

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16037501
fly-request-id: 01F3YKH47EHTJ6ZT5AZYFC1DCW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1e0602-+7g5GxBqQ0BFI5Mmd9f2Ke69Z3U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a3e2d3a5f842788-PRG

Redirect headers

date: Mon, 25 Oct 2021 20:25:52 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FJWHNZ2ZRT1P3FZW2G3HQ4K4
server: cloudflare
age: 426
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /tailwindcss@1.9.6/dist/tailwind.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a3e2d3a2ef32788-PRG
access-control-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
756 B 39ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 18:51:31 GMT
server: ESF
date: Mon, 25 Oct 2021 20:25:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 20:25:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 39ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

c9bcb14eb9a8f58d76f9ce83393c299c1e3a06169e6990b9c8cd4e0ef70e53aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 20:13:33 GMT
server: ESF
date: Mon, 25 Oct 2021 20:25:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 20:25:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
700 B 40ms
17ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700&display=swap

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

beb3786141808cd77d5b8c076a6ec78804558a92452d087a2f084ef69e5e4453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 19:56:26 GMT
server: ESF
date: Mon, 25 Oct 2021 20:25:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 20:25:52 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 58ms
29ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2863060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5LHAYHA0D2YldJA9ZT7zV4bCdASA%2FghfAg9ueGFTU7nIt1brZKeEtBaZDLGHHGK6i25Ok0cfPdnQhbehQyql%2FgYzfyhXYxCsrtiowI1gwBqhRsw5VUI9YylPF9YjCy0FCXbWIOz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a3e2d3a1f752794-PRG
expires: Sat, 15 Oct 2022 20:25:52 GMT

GET
H2

200

/ Show response
2bpr.xyz/async/
Redirect Chain

https://2bpr.xyz/async?&user=Wason07&html=mobile
https://2bpr.xyz/async/?&user=Wason07&html=mobile

43 KB
9 KB

572ms
571ms

Script
text/html

104.21.94.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2bpr.xyz/async/?&user=Wason07&html=mobile
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.94.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: baeba35deb1cfa6af0b200fe84ad34483c4af76b73b7523d66ddc52a0f16058e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRT2BhEnjZHQ7%2FRidVa593sPZVGQSHDceSvwwwFaF20DEM0T3c88FOB4LWNgqkVi8%2FMJ4891rneCXfIYXwHTeZ%2BwzJrnH6rxuHWruSWpUhLQeLtiZNbViPnmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3e2d3c28664107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 25 Oct 2021 20:25:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn7pYoxB5Xr0HHGt97xyE7nCdNtGWnMmBdnL9WafmDlHnoJ6BrKYWuxlo8B6YyDNBROYpSXGQDbdOjVcb%2BZ%2FGP7ToDP27n%2B%2BMGNlYRD9rIIifdgC8cVn%2BNKW%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://2bpr.xyz/async/?&user=Wason07&html=mobile
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3e2d3a9d524107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 77ms
37ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc6YpwmO7AdbMmgu0UZsHUUhTyoLrcZGgorClavB3mao9rP85nwnJkRygtYbyin%2FA0SU0bALTSHJTKintuuMp3gTE8ckvGnbgtVWG4hho%2BBC2HnHe8hI1hyh7j%2FD7Bjssz9S%2Bw8lHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: PRG50-C1
cf-ray: 6a3e2d3a9ef9410e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: j6LTcRegwXuah8xrBZ0_HTRNbMiVZIh_G8Y0w7tGNs3RjDxZB4t6Aw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 63ms
24ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q9gBX2qEFKF68v4hb1ozSHHcE1RyOmHXETstEWhDD8X4KDPki7E%2F8uRRWNJk0fTQGWDiIeoQ%2FlKms8cXNBp4CcvhEsoK9GrLRKuQn7I6nVz8NBg8Z6CQr1tW%2Blh%2FWa2kIx6VaINcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: PRG50-C1
cf-ray: 6a3e2d3a9efd410e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 4-W4rZk_jxhjNPbtUFenndYKnwKG4Wo7DbCoPWcRVtT5SrSi4khsow==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 61ms
22ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
via: 1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxnyJpIaKnjYPA%2B2bX5tzM3aDCHtxSEGWeDfUPrqdrEkO8zy3Xbb2i5kCt0%2BZN5xzxhfLFe7tmuhWTl8RatpYO8LR1h3BFEhgygIZ1GGYlTezL5ZOYcWr58IFAaidSx9UlfCTT6xTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: PRG50-C1
cf-ray: 6a3e2d3a9efb410e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -0FtPi_4DJW78Nyopisa_49Pe97yRkEIYuLo6X9NkUDvINBPUuEyXA==

GET
H2 200 version.js Show response
video4646.grooveblog.com/js/ 129 B
289 B 249ms
249ms Script
application/x-javascript 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/js/version.js?v=1635193553000
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64faecb3252d8ceb331f6942b83f288c37210f5350a3a7a3b52f6c16e8471cc6

Request headers

:path: /js/version.js?v=1635193553000
pragma: no-cache
origin: https://video4646.grooveblog.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://video4646.grooveblog.com/?v=4
Origin: https://video4646.grooveblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 22 Oct 2021 20:40:14 GMT
server: cloudflare
etag: W/"617321ae-81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6a3e2d3b38b9f9e6-PRG
expires: Tue, 26 Oct 2021 00:25:53 GMT

GET
H2 200 style.css
video4646.grooveblog.com/css/ 11 KB
3 KB 23ms
23ms Stylesheet
text/css 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/css/style.css?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f65445eada0a4eb45baa9aaa572982ce7c907dd098e866daf6cf3b301fcf44

Request headers

:path: /css/style.css?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
age: 2
etag: W/"617321ad-2ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 6a3e2d3ccbb7f9e6-PRG
expires: Tue, 26 Oct 2021 00:25:53 GMT

GET
H2 200 blogpostlist.json Show response
video4646.grooveblog.com/json/ 7 KB
1 KB 132ms
131ms Fetch
text/plain 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/json/blogpostlist.json?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306efb0564be62f0de242451cd895db5e5f802c8fd833df56d0886feb2b0eb6f

Request headers

:path: /json/blogpostlist.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:12 GMT
server: cloudflare
etag: W/"617321ac-1ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a3e2d3ccbbaf9e6-PRG
expires: Mon, 25 Oct 2021 21:25:53 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
515 B 31ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito&display=swap

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/css/style.css?v=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 19:56:37 GMT
server: ESF
date: Mon, 25 Oct 2021 20:25:53 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 20:25:53 GMT

GET
H2 200 setting.json Show response
video4646.grooveblog.com/json/ 995 B
650 B 234ms
233ms Fetch
text/plain 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/json/setting.json?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14389d1724377e912896152b911f8f8b0d3f94551708ce4b0cf56493feab0458

Request headers

:path: /json/setting.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
etag: W/"617321ad-3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a3e2d3d9dccf9e6-PRG
expires: Mon, 25 Oct 2021 21:25:53 GMT

GET
H2 200 navigations.json Show response
video4646.grooveblog.com/json/ 1 KB
358 B 130ms
130ms Fetch
text/plain 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/json/navigations.json?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97508ec17243b8ebc56b5fdadb8e26d603e46cf13cafa4ffde62d8a41a404da3

Request headers

:path: /json/navigations.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
etag: W/"617321ad-4bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a3e2d3f1871f9e6-PRG
expires: Mon, 25 Oct 2021 21:25:53 GMT

GET
H2 200 wCOStwT.png
i.imgur.com/ 9 KB
9 KB 28ms
10ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/wCOStwT.png

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
x-content-type-options: nosniff
age: 3412901
x-cache: HIT, HIT
content-length: 9180
x-served-by: cache-bwi5178-BWI, cache-hhn4075-HHN
last-modified: Mon, 08 Mar 2021 04:50:40 GMT
server: cat factory 1.0
x-timer: S1635193554.893173,VS0,VE1
etag: "168c57cb0a4861565d8db5b896f40218"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 /
whos.amung.us/pingjs/ 31 B
31 B 341ms
118ms Image
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=knockouts02&t=%F0%9F%94%A5knockouts02%F0%9F%94%A5&x=chrome%3A%2F%2Fversion
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.214 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:54 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ 1 KB
1 KB 25ms
9ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: wnYf59tRvaa0d5ftP1XvQBYccpvgE05lhliXTMNftjXa+nrbNHVsLnmD0VTAeoJLFkgna0GTB8AqC5jxfPp5LQ==
x-fb-trip-id: 917726464
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: zS7nNbuF+qoavNDFbgWDdA==
date: Mon, 25 Oct 2021 20:25:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1307
x-fb-rlafr: 0
expires: Wed, 12 Oct 2022 05:25:46 GMT

GET
H2 200 lqbz1hqlAFx.png
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ 1 KB
2 KB 22ms
6ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lqbz1hqlAFx.png

Requested by

Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

0fd58536eb089f2060e86f14e60ef83f68169fbe34d95f8cdc2ad60abe4bb8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:53 GMT
x-content-type-options: nosniff
content-md5: 8kNJ+LeRDyhmr8oF+ZZjoQ==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1364
x-fb-rlafr: 0
x-fb-debug: FEG6oJrObukPvHMTTUC1C9LpRUS/yzNN28u76s6hn0wTOyAUAfNENDp3S87mCh/KZANQUkCuPBVVsV2cZUV96Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 15 Oct 2022 11:49:02 GMT

GET
H2 200 categories.json Show response
video4646.grooveblog.com/json/ 1 KB
415 B 242ms
241ms Fetch
text/plain 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/json/categories.json?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8cc57b6b87f018d8dc81877a66151ff1f540300ed589a976fb095c6399e7bec

Request headers

:path: /json/categories.json?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
etag: W/"617321ad-415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cache-control: max-age=3600
cf-ray: 6a3e2d3ff9f4f9e6-PRG
expires: Mon, 25 Oct 2021 21:25:54 GMT

GET
H2 200 header.html Show response
video4646.grooveblog.com/templates/ 2 KB
793 B 235ms
234ms Fetch
text/html 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/templates/header.html?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f47045dc97d9cff6626bc48248cdb9a778351a7c69d709dcf1004fbbd68b8e4f

Request headers

:path: /templates/header.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a3e2d418c97f9e6-PRG
expires: Mon, 25 Oct 2021 21:25:54 GMT

GET
H2 200 footer.html Show response
video4646.grooveblog.com/templates/ 1 KB
576 B 140ms
140ms Fetch
text/html 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/templates/footer.html?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ad62307622987a14baad415c0ad1177a249376da5c1e3de69dbe35b6ddda3e

Request headers

:path: /templates/footer.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a3e2d430f6cf9e6-PRG
expires: Mon, 25 Oct 2021 21:25:54 GMT

GET
H2 200 layout.html Show response
video4646.grooveblog.com/templates/ 187 B
212 B 285ms
285ms Fetch
text/html 104.18.14.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video4646.grooveblog.com/templates/layout.html?v=4
Requested by: Host: video4646.grooveblog.com
URL: https://video4646.grooveblog.com/?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9658b60811d5756d78f29b953dff0616d10276ad5d5d176e6f701e036c265d3e

Request headers

:path: /templates/layout.html?v=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: video4646.grooveblog.com
referer: https://video4646.grooveblog.com/?v=4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://video4646.grooveblog.com/?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 20:25:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Oct 2021 20:40:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
cache-control: max-age=3600
cf-ray: 6a3e2d43e8b1f9e6-PRG
expires: Mon, 25 Oct 2021 21:25:54 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bpr.xyz
cdnjs.cloudflare.com
cqo.be
fonts.googleapis.com
i.imgur.com
ka-f.fontawesome.com
kit.fontawesome.com
static.xx.fbcdn.net
unpkg.com
video4646.grooveblog.com
whos.amung.us
104.16.124.175
104.16.19.94
104.18.14.3
104.18.22.52
104.21.81.131
104.21.94.32
142.250.184.234
151.101.112.193
172.67.202.14
185.60.216.19
67.202.114.214
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784
0fd58536eb089f2060e86f14e60ef83f68169fbe34d95f8cdc2ad60abe4bb8c9
10f65445eada0a4eb45baa9aaa572982ce7c907dd098e866daf6cf3b301fcf44
14389d1724377e912896152b911f8f8b0d3f94551708ce4b0cf56493feab0458
2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f
25ad62307622987a14baad415c0ad1177a249376da5c1e3de69dbe35b6ddda3e
306efb0564be62f0de242451cd895db5e5f802c8fd833df56d0886feb2b0eb6f
452b32f99948d551d5c7b6c6a5e4ddb8935e6413d2755c4e2cfe09aba75ff68d
64faecb3252d8ceb331f6942b83f288c37210f5350a3a7a3b52f6c16e8471cc6
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404
9658b60811d5756d78f29b953dff0616d10276ad5d5d176e6f701e036c265d3e
97508ec17243b8ebc56b5fdadb8e26d603e46cf13cafa4ffde62d8a41a404da3
a8cc57b6b87f018d8dc81877a66151ff1f540300ed589a976fb095c6399e7bec
b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69
baeba35deb1cfa6af0b200fe84ad34483c4af76b73b7523d66ddc52a0f16058e
bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061
beb3786141808cd77d5b8c076a6ec78804558a92452d087a2f084ef69e5e4453
bef561f912604eb47ec5a3697da4c7f2811f58a7dd485742c56fa800e5a02406
c9bcb14eb9a8f58d76f9ce83393c299c1e3a06169e6990b9c8cd4e0ef70e53aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f47045dc97d9cff6626bc48248cdb9a778351a7c69d709dcf1004fbbd68b8e4f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

video4646.grooveblog.com Open in urlscan Pro 104.18.14.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

233 kBTransfer

2209 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

video4646.grooveblog.com Open in urlscan Pro
104.18.14.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

233 kB
Transfer

2209 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!