gules.edusure.site Open in urlscan Pro
2606:4700:3031::6815:40a8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gules.edusure.site/
Submission: On December 24 via api (December 24th 2024, 11:48:19 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3031::6815:40a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is gules.edusure.site.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.

This is the only time gules.edusure.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3031::6815:40a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
2	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4 17	88.85.69.211 88.85.69.211	35415 (WEBZILLA ...) (WEBZILLA Webzilla B.V.)
2	88.85.68.219 88.85.68.219	35415 (WEBZILLA ...) (WEBZILLA Webzilla B.V.)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.251.168.154 142.251.168.154	15169 (GOOGLE) (GOOGLE)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
10	45.133.44.1 45.133.44.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
4	45.133.44.2 45.133.44.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	2a00:1178:1:4... 2a00:1178:1:4b::19	35415 (WEBZILLA ...) (WEBZILLA Webzilla B.V.)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
77	17

27 2606:4700:3031::6815:40a8 (United States)

ASN13335 (CLOUDFLARENET, US)

gules.edusure.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 88.85.69.211 (Netherlands) 4 redirects

ASN35415 (WEBZILLA Webzilla B.V., NL)

glum-mortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.85.68.219 (Netherlands)

ASN35415 (WEBZILLA Webzilla B.V., NL)

handmadetip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.168.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.133.44.1 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

www.negative-speed.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.2 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

www.spicy-development.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::19 (Netherlands)

ASN35415 (WEBZILLA Webzilla B.V., NL)

glum-mortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	edusure.site gules.edusure.site	609 KB
19	glum-mortgage.com 4 redirects glum-mortgage.com — Cisco Umbrella Rank: 212569	236 KB
10	negative-speed.pro www.negative-speed.pro	30 KB
4	spicy-development.pro www.spicy-development.pro	264 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	88 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108
2	gstatic.com fonts.gstatic.com	37 KB
2	handmadetip.com handmadetip.com — Cisco Umbrella Rank: 241231	14 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	556 B
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4827	119 KB
0	Failed function sub() { [native code] }. Failed
77	15

	Domain	Requested by
27	gules.edusure.site	gules.edusure.site static.cloudflareinsights.com
19	glum-mortgage.com	4 redirects gules.edusure.site glum-mortgage.com
10	www.negative-speed.pro	handmadetip.com glum-mortgage.com
4	www.spicy-development.pro	gules.edusure.site
4	cdnjs.cloudflare.com	gules.edusure.site cdnjs.cloudflare.com
3	region1.analytics.google.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	handmadetip.com	gules.edusure.site handmadetip.com
2	fonts.googleapis.com	gules.edusure.site
2	static.cloudflareinsights.com	gules.edusure.site
2	www.googletagmanager.com	gules.edusure.site
1	www.google.de	gules.edusure.site
1	stats.g.doubleclick.net	www.googletagmanager.com
1	raw.githubusercontent.com	gules.edusure.site
0	search Failed	gules.edusure.site
77	15

This site contains no links.

Subject Issuer	Validity	Valid
edusure.site WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
glum-mortgage.com E6	`2024-11-17` - `2025-02-15`	3 months	crt.sh
handmadetip.com E5	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
www.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
www.negative-speed.pro R10	`2024-12-20` - `2025-03-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://gules.edusure.site/
Frame ID: 646DCD0184BC336721813A77A09FB131
Requests: 35 HTTP requests in this frame

Frame: eq://search
Frame ID: 98148377EADC69D022374E7DED3F43C0
Requests: 40 HTTP requests in this frame

Frame: https://glum-mortgage.com/anW-ZpyqP.2rQs9_MuTvcwzxN-TzAA0BMCD_gE5FNGTHY-xJMKDLIMy_MOjPgQ1RN-CTZUpVcW2_1Y1ZbaHbR-pddeGfFgn_PiTjEk5lZ-jnEo1pZqW_JsktMu2vQ-5xYy2zFAm_NC2DIE1FM-DHhIjJNKW_VMmNZOTPI-5RYSTTgU0_MWTXgY1ZJ-mb1c1dbeH_RgphdiGjF-nlYmmnFou_bqmrVsytP-XvRwyxdyW_UAmBcCnDJ-pFZGDH0Ix_OKWLYMxNN-WPVQiRZSD_NUkVOWWXN-hZZajbdci_NeTfAg4hY-zjVkllZmm_UoypOqWrE-4tNuDvEw4_NySzZA6Bb-2D5ElFaGW_QI9JNKTLM-3NNOjPQQ3_NSAT?iframeId=ussscy
Frame ID: 2E83CFCA51CC5607E97DD5CDD7BE356E
Requests: 1 HTTP requests in this frame

Frame: https://glum-mortgage.com/anW-ZpyqP.2rQs9_MuTvcwzxN-TzAA0BMCD_gE5FNGTHY-xJMKDLIMy_MOjPgQ1RN-CTZUpVcW2_1Y1ZbaHbR-pddeGfFgn_PiTjEk5lZ-jnEo1pZqW_JsktMu2vQ-5xYy2zFAm_NC2DIE1FM-DHhIjJNKW_VMmNZOTPI-5RYSTTgU0_MWTXgY1ZJ-mb1c1dbeH_RgphdiGjF-nlYmmnFou_bqmrVsytP-XvRwyxdyW_UAmBcCnDJ-pFZGDH0Ix_OKWLYMxNN-WPVQiRZSD_NUkVOWWXN-hZZajbdci_NeTfAg4hY-zjVkllZmm_UoypOqWrE-4tNuDvEw4_NySzZA6Bb-2D5ElFaGW_QI9JNKTLM-3NNOjPQQ3_NSAT?iframeId=ktmpxg
Frame ID: 3787D139E74B83BF0932AD1D91E09F9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

77
Requests

94 %
HTTPS

44 %
IPv6

15
Domains

15
Subdomains

17
IPs

4
Countries

1514 kB
Transfer

6926 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://glum-mortgage.com/c.H_VuzvawGxl-tzZAzB9Ch_ZEEFlGkHP-TJUKzLNMj_EOxPOQSRZ-mTcUHVYW9_MYCZZambc-ndYe9fMgC_ZipjbkWlc-9naoHpRq0_csHtMulvM-0xEylzMAk_YClDMEkFZ-3HdI3JcKu_cM3NBOpPY-3RkStTZUG_VW2XZYWZx-vbccGd1el_bgnhQiujc-HlJmvnJoT_JqGrNsztE-5vNwDxAyl_MAkBYCyDO-DFQGyHOIT_cKlLMMkNY-1PMQzRUS5_NUjVVWfXM-jZMa1bOcG_UeufcgGh5-njJknlBmh_eoTp0qwrJ-ntBuhvewW_9y1zdAFBB-lDcEkFNGs_aIWJNKrLP-TNAOmPcQm_VS2TPUTVA-mXcY2Zlak_Mczd0emfc-3hMi9jMky_ZmzndoDp0-xrJsntpuv_bwmxVyJzZ-DB0C1DMEz_QG1HNIjJE-3L HTTP 302
https://www.spicy-development.pro/71940/284297/535965_2358e.png

Request Chain 31

https://glum-mortgage.com/cAHBV.zCa_GElFtGZHz-9JhKZLEMl_kOPPTQURz-NTjUEVyWM_CYZZmacbH-Yd9eMfCgZ_micjnkYl9-MnCoZppqb_Wsct9uavH-Rx0yczHAM_lCMD0EEFl-MHkIYJlKM_kMZN3OdP3-cRuScT3UB_pWYX3YkZt-ZbGcVd2eZ_WgxhvicjG-1llmbnnoQ_uqcrHsJtv-JvTwJxGyN_zAEB5CNDD-AFlGMHkIY_yKOLDMQNy-OPTQcRlSM_kUYV1WMXz-UZ5aNbjcZ_feNfGgUhy-MjzkMlumc_Go5pnqJrn-BthuevTw0_wyJznABBh-eDWE9F1Gd_FIBJlKcLk-NNsOaPWQN_rSPTTUAVm-cXmYVZ2aP_TcAdmecf2-lhkiMjzk0_mmcn3oMp9-MrysZtzud_Dw0xxyJzn-pBvCbDmEV_JGZHDI0J1-MLzMQN1ON_jQER3S HTTP 302
https://www.spicy-development.pro/71940/284297/535966_4e233.png

Request Chain 56

https://glum-mortgage.com/cUHVV.zWa_GYlZtaZbz-9dheZfEgl_kiPjTkUlz-NnjoEpxqO_CsZtmucvH-Yx9yMzCAZ_mCcDnEYF9-MHCIZJpKb_WMcN9OaPH-RR0ScTHUM_lWMX0YEZl-MbkcYdleM_kgZh3idj3-clumcn3oB_pqYr3sktt-ZvGwVx2yZ_WAxBvCcDG-1FlGbHnIQ_uKcLHMJNv-JPTQJRGSN_zUEV5WNXD-AZlaMbkcY_yeOfDgQhy-OjTkcllmM_koYp1qMrz-Ut5uNvjwR_fyMzGAIBw-ZDTEgFuGc_GI5JnKJLn-BNhOePTQ0_wSJTnUBVh-eXWY9Z1ad_FcBdlecfk-NhsiajWkN_rmPnToApm-crmsVt2uP_TwAxmycz2-lBkCMDzE0_mGcH3IMJ9-MLyMZNzOd_DQ0RxSJTn-pVvWbXmYV_JaZbDc0d1-MfzgQh1iN_jkEl3m HTTP 302
https://www.spicy-development.pro/71940/284297/535964_0b0e8.png

Request Chain 75

https://glum-mortgage.com/cbH-Vdzea.Gflgt_Zizj9khlZ-EnlokpPqT_UsztNujvE-yxMyCzZAm_cCHDYE9FM-CHZImJcKn_YM9NMOCPZ-pRbSWTcU9_aWHXRY0Zc-HbMcldMe0_EglhMikjY-llMmknZo3_dq3rcsutc-3vBwpxYy3_kAtBZCGDV-2FZGWHxIv_cKGL1MlNb-nPQQuRcSH_JUvVJWTXJ-GZNazbEc5_NeDfAglhM-kjYkylOmD_QoypOqTrc-ltMukvYw1_MyzzUA5BN-jDZEfFNGG_UIyJMKzLM-uNcOGP5Qn_JSnTBUhVe-TX0YwZJan_BchdeeWf9-1hdiFjBkl_cmknNospa-WrNsrtPuT_AwmxcymzV-2BPCTDAEm_cG2HlIkJM-zL0MmNcO3_MQ9RMSyTZ-zVdWDX0Yx_Janbpcvdb-mfVgJhZiD_0k1lMmznQ-1pNqjrEs3_ HTTP 302
https://www.spicy-development.pro/71940/284297/535966_4e233.png

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gules.edusure.site/ 7 KB
3 KB 313ms
276ms Document
text/html 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a06f13297b444bd45fa42cc0e3c5d3b80170ab46b663cb27d30729327cfa6712

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f705c581ebadc68-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 11:48:09 GMT
last-modified: Mon, 09 Dec 2024 02:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hD1k7nrC%2B4r1aR4JyoI%2Bop2PKopd2bgsdtDRAJEJBvErdErv%2BSf0%2BrWimvkqMbD4z0Rf8JDSM4l7X%2BG2FlNsiP%2BGQnQxcCVrcBZsBRoRzPOWvlwIwN6NtQHjCZ%2BlmOfsyY3eOPv%2BNGsaxEDaH5rIYR8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=5971&min_rtt=5886&rtt_var=1034&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2386&delivery_rate=647804&cwnd=253&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=281&x=0"
vary: accept-encoding
x-powered-by: Express

GET
H2 200 base.css
gules.edusure.site/assets/css/ 5 KB
2 KB 288ms
286ms Stylesheet
text/css 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/css/base.css
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d73ed8fd245c50bc3dd6b1c76d21cb382dcaf0ecff296b0b7893477219468f18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"15f3-1915d1c3db7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpfsyXExkfSe%2FHclU6zg2dh7OrTyGGJGLSpSbsCqazBJ%2BGpEBKFGAbjv%2FyNDTqw%2FDjABvegfxGVHqK9TWYtBApkvcOS0VyQ7ONPnnjT5ixAN7pWhSlHfW%2FlIzHdGvDbx92YEPF12gvEjp0nFnKVC6Kw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9cfdc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7971&min_rtt=5880&rtt_var=3544&sent=29&recv=22&lost=0&retrans=0&sent_bytes=10736&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=574&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H2 404 home.css
gules.edusure.site/assets/css/ 0
0 263ms
261ms Stylesheet
text/html 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/css/home.css
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmErU9r9%2BNXxNgGGBltpPRQ3rCBAOGpCcGsyT7P1q%2Fc5wMVLZVHPSlyzfzeD4JiekmMEyH4oba6tPHbtGa78nXxZWoYuyUwX%2BPMgLJGzAIkDH2Q5urTxNI2S35v13gUm11YEnH2QFnobpN%2FQUX4%2F0Jo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d1dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6977&min_rtt=5880&rtt_var=2221&sent=24&recv=20&lost=0&retrans=0&sent_bytes=8717&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=550&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 03:54:47 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 31ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "613fa20b-28de"
age: 403758
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUUu6TtQsUfoA1Q96Y4UkbYHPFq5UmAbYE%2FlOu6uK%2BqsnF1nJD1tuktAizbo518HbVzhwc0LInPAuF5%2FnaIkDnK8JPrdsfCMOTHH5vUE9aTqfEKkg%2BBg%2FR3laOaKTydDpuhot0DeolXVBgTXmwu2WniS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 11:48:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 11:48:09 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c59fda0927d-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10462
server: cloudflare

GET
H2 200 uv.bundle.js Show response
gules.edusure.site/uv/ 2 MB
307 KB 469ms
468ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/uv/uv.bundle.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f697c73eccc7451d5300f7acdd491a2c27f05710714b05a5c9fb1fc4295af556

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"1b9b23-1915d1c3dd3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YL5PToD5UQkF0bt7XbI74zvwKs3EQ1AFyxfpf8hLPBvqssO8QV2ggMdlf0MOh7FbF9VN8xEUgOSMPlyc3f%2BUmBB27NG3d99q8ZHKbUMgGnYiO%2FnvyQNR%2Fub32yq51OUyA0BPecXEcLbv72jvHgmuO%2Fc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d2dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7318&min_rtt=5880&rtt_var=2471&sent=36&recv=25&lost=0&retrans=0&sent_bytes=13432&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=757&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H2 200 uv.config.js Show response
gules.edusure.site/uv/ 287 B
618 B 289ms
287ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/uv/uv.config.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75ac53f861e8878576e6f06f8c2f88d8975bd1d5ab1dfd76f9ca9a5291f02795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"11f-1915d1c3dd3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F18T85ML2x1C5Eb5EVFArOguZfU3b8ZO8727EOESb%2Fsi%2BGWnicX4IsbLUO%2BQJW2hAqsoGfylazSyZyD7kumL7uiPT0lkpHjXCrm0nmoFBK9d23JTK4J7sCK3%2BiOX9%2B7avjoXVDDkC0joQ8bLxYQLYOM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d5dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7971&min_rtt=5880&rtt_var=3544&sent=33&recv=22&lost=0&retrans=0&sent_bytes=12748&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=576&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H3 200 index.js Show response
gules.edusure.site/assets/js/ 4 KB
2 KB 249ms
249ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/js/index.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9c80a391c82c1ccefc40b2c2a3f1c39cc43aa59aa34351e1f571229d690e3caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"110f-1915d1c3dc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgeHqe8eisQplWMZkVjfN2PAAtIINPwxSy%2FRnvpmHzKNNOqjaVHdOZSUZ6I8UifQ56HJ3Z4OQbEj59jmFepHBrG%2B%2FfGRMy%2FDW%2Fwt4rZvXnWWQEzTR0vrsbVfCY6wMd4NZOtm3ZxVc2edoJZxXxgdxIk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6489&min_rtt=6293&rtt_var=1080&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4249&recv_bytes=4315&delivery_rate=888&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=616&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=3,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c5c3f509f31-FRA
x-powered-by: Express
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 327 KB
108 KB 50ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6902cb8fb8731fe07af2d94d0c640b4b07281634a62f57353f11b2620d1104d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 11:48:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110276
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 qr.png
raw.githubusercontent.com/wrndxyz/cdn/refs/heads/main/ 118 KB
119 KB 170ms
149ms Image
image/png 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/wrndxyz/cdn/refs/heads/main/qr.png

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7de7225eef2d2228f0e328e5195686134a330668675dfcd71c7d575d18df5cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

x-fastly-request-id: 07e8d05e8fe63ff0df459f55da5d99d3526a1170
etag: W/"e1092407320cd2f5efbbd80c62216200579d4a3b3a95f014bd039161be9a8c28"
x-content-type-options: nosniff
x-github-request-id: 1DF3:1CEA15:31099C0:332F8AB:676A9E44
expires: Tue, 24 Dec 2024 11:53:10 GMT
x-cache: HIT
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230152-FRA
x-cache-hits: 0
source-age: 0
x-frame-options: deny
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control: max-age=300
x-timer: S1735040890.923313,VS0,VE135
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121003
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
gules.edusure.site/assets/js/ 895 B
1 KB 252ms
251ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/js/main.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a656b91a928f5d9a453ac79c4454378617f5e6836f68d9fc522c4f5cc354bf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"37f-1915d1c3dc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2B9%2BNCLR7dU4kyhnNaZncOU1ZKwzUqGB8nPQDbdqiWzGiNi%2F%2BB5GQG4ZrYROb730W0sg3ASGVRne%2BqGdTkPwuv8lyj%2BLEewPurXTqWWAzZmGoroVRmAazS%2FHqzlb1jcUyJNIIdX2sAixW12rUvwlN7o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d6dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7129&min_rtt=5886&rtt_var=2554&sent=21&recv=19&lost=0&retrans=0&sent_bytes=7625&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=539&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H3 200 proxy.js Show response
gules.edusure.site/assets/js/ 2 KB
1 KB 249ms
249ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/js/proxy.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b27d20520d9ac6ee1dd190b57e45b482c0fb363750d3c97065ad920ee6aafdf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"675-1915d1c3dc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MU7IVQz88FOOE%2BBVtrLA%2BIp5fkibUH1lM8DNVt8t8KybIIK4%2FHFRWAte6ljEmUkkYGq086opN1Ue5WHUAb0TE5%2F7umf2jKvnYDmokkvCwnkYNTsCI8xqC9mFs2hvxEvxHkFYLyCtTMlXVqTsOEL0MKA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6487&min_rtt=6293&rtt_var=659&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6524&recv_bytes=4674&delivery_rate=9114&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=940&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=3,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c5e39a79f31-FRA
x-powered-by: Express
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 336ms
19ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://gules.edusure.site/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c61ca581e6a-FRA
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 83ms
62ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800&display=swap

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

679a5d988021e044b66b26fd8d49a425c4195887e005553961908eefb7418f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 11:48:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 24 Dec 2024 11:23:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 search.html Show response
gules.edusure.site/ Frame 9814 8 KB
3 KB 4528ms
4528ms Document
text/html 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/search.html
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fc473c8d5d10d66e0aca42b454382a63f675c909dd47514a4b7cce02d16b4073

Request headers

Referer: https://gules.edusure.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f705c7ae9589f31-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 11:48:15 GMT
last-modified: Fri, 20 Dec 2024 03:20:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SPKd%2Fw0zOLqpgu%2Bn4gXrgohqiXb53k2mCATMu8PY%2FL6CEYpzJ1aeCoeYZXWrMbx0J2Yye2%2B26apMOdr85%2BizV%2B2PAdjOPdh7qVSKoL7NTRr4kcfK%2F1cTrLTQ%2FxD3S2NhUv%2B7N6FaBWsJC96X%2FBeERs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=6460&min_rtt=6271&rtt_var=548&sent=33&recv=16&lost=0&retrans=13&sent_bytes=17820&recv_bytes=6079&delivery_rate=2452&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5521&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
x-powered-by: Express

GET
H2 200 jhEi4D Show response
glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/ 139 KB
47 KB 405ms
69ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/jhEi4D

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

34da34d742c4b358efa08768519069414670b37b17baeb4e767a863e6cb0267b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 jaIrww Show response
handmadetip.com/c/D_9.6QbY2/5EllSFWxQ/9/N/TaMF0KNNTUYCxpO/SB0h1rM-z/Qm1/N/ 41 KB
14 KB 414ms
78ms Script
application/javascript 88.85.68.219
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://handmadetip.com/c/D_9.6QbY2/5EllSFWxQ/9/N/TaMF0KNNTUYCxpO/SB0h1rM-z/Qm1/N/jaIrww

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.68.219 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

533146937aaf5242a1549a91f1c89aa38d21d3e43b2fdbc3a00e3a77d762e417

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Tue, 24 Dec 2024 11:48:11 GMT
access-control-allow-headers: Content-Type

GET
H2 200 jrQv4zNsQo Show response
glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/ 179 KB
59 KB 432ms
97ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

bcd89366c219867ede663c26dce4d1e17338eceac63a773b99cb08b1971a45ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: nginx
last-modified: Tue, 24 Dec 2024 11:48:11 GMT
access-control-allow-headers: Content-Type

GET
H3 404 bg.svg
gules.edusure.site/assets/css/assets/img/bg/ 4 KB
4 KB 4536ms
4536ms Image
text/html 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/css/assets/img/bg/bg.svg
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dcd7b435281545f586f76ba591b5a0da3ee90296256843b80c8c18cefaf9fca8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/assets/css/base.css

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJK5zW4ZV0Bm4RUtvUDEi7GpYL9PlnN7cv6wng5jo8GGtf013W531cRLTjANgQczDdJYEku%2B0Xc4zinzIxmbbfn70XZCPn5PIC17LScqkFRzZYhX%2FWXjfQ5erhkKytB6i9ydx%2FpI6NtoK9NVXNifn8E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c7ae9659f31-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6460&min_rtt=6271&rtt_var=548&sent=40&recv=16&lost=0&retrans=13&sent_bytes=22246&recv_bytes=6079&delivery_rate=2452&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5527&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 03:54:47 GMT
priority: u=3,i

GET
H3 200 eq-main.jpg
gules.edusure.site/assets/img/ 127 KB
128 KB 4762ms
4761ms Image
image/jpeg 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/eq-main.jpg
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f9c4892db88acf16c97ee044e3f6b137574b5f928e695946a9056af23cd9ee5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cf-cache-status: MISS
etag: W/"1fd42-1915d1c3dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjA%2FqVvnlaEECMSClh3DPZ42PJzrrNeEEJS7YX5s4LRyX5Rp5NdfzZK0m7pL%2BW9ZoASTmxwSToBq5oIBwlC3tAg78s%2B7xXtzAfFaF1K5b8URSJrWdntgTMAVzRHg3Y1Usl%2FI2aYDJoxfbtOxAwjT6Q8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6957&min_rtt=6271&rtt_var=676&sent=50&recv=31&lost=0&retrans=13&sent_bytes=26919&recv_bytes=10105&delivery_rate=99856&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5754&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7ae9669f31-FRA
accept-ranges: bytes
content-length: 130370
x-powered-by: Express
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 4025ms
16ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "613fa20b-131bc"
age: 23765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnD2NXIlWEC2HuHFfeZf78GvpiW9kFUja5ko95NFhdxChMtq6%2FF9LvWvDnahjSK16%2BBqRNAPnnY5qRiiFRu%2BXQqT7%2FPSwfUku7Z8HNjj%2Bp72oKKBiydIKluMAogD3IqwDEy2ZmVdfA%2B64TusnvAnBcB0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 11:48:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 11:48:14 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c793f75995a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78268
server: cloudflare

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 630ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://fonts.googleapis.com/

Response headers

age: 594398
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 337ms
15ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PC9KFJ31NH&gtm=45je4cc1v9177418240za200&_p=1735040890894&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&cid=24624917.1735040891&ecid=1887205201&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1735040890&sct=1&seg=0&dl=https%3A%2F%2Fgules.edusure.site%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1346
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 353ms
16ms Ping
text/plain 142.251.168.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC9KFJ31NH&cid=24624917.1735040891&gtm=45je4cc1v9177418240za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.168.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wh-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 652ms
31ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PC9KFJ31NH&cid=24624917.1735040891&gtm=45je4cc1v9177418240za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&z=1897500928

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Dec 2024 11:48:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ 68 KB
30 KB 334ms
12ms XHR
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: handmadetip.com
URL: https://handmadetip.com/c/D_9.6QbY2/5EllSFWxQ/9/N/TaMF0KNNTUYCxpO/SB0h1rM-z/Qm1/N/jaIrww
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ 68 KB
0 334ms
334ms Script
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: handmadetip.com
URL: https://handmadetip.com/c/D_9.6QbY2/5EllSFWxQ/9/N/TaMF0KNNTUYCxpO/SB0h1rM-z/Qm1/N/jaIrww
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

POST
H2 200 Ys2.xtpuZvW-5x0yZzGAF_0CYDTE9Fy-cHmIlJkKP_TMEN5ONP2-NRjSNTDUQ_wWZXDYlZj-ZbjcIdyeY_jgJhiiNjz-El0mMnGoZ_mqNrTsZtk-YvzwQx2yO_GAIBwC
handmadetip.com/ 0
322 B 19ms
17ms Ping
text/plain 88.85.68.219
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://handmadetip.com/Ys2.xtpuZvW-5x0yZzGAF_0CYDTE9Fy-cHmIlJkKP_TMEN5ONP2-NRjSNTDUQ_wWZXDYlZj-ZbjcIdyeY_jgJhiiNjz-El0mMnGoZ_mqNrTsZtk-YvzwQx2yO_GAIBwC

Requested by

Host: handmadetip.com
URL: https://handmadetip.com/c/D_9.6QbY2/5EllSFWxQ/9/N/TaMF0KNNTUYCxpO/SB0h1rM-z/Qm1/N/jaIrww

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.68.219 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:11 GMT
server: nginx

POST
H2 200 Yc2dx-p.ZfWg5h0iZ_GkFl0mYnT-9pyqcrmsl_kuPvTwAx1-MzDAZBiCY_TEUF0GNHW-IJwKYL2MM_5ONP2QUR5-OTDUcVxWN_jYcZ0aYbm-ZdjeNfzgQ_2iNjDkhlk-
glum-mortgage.com/ 0
322 B 17ms
15ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/Yc2dx-p.ZfWg5h0iZ_GkFl0mYnT-9pyqcrmsl_kuPvTwAx1-MzDAZBiCY_TEUF0GNHW-IJwKYL2MM_5ONP2QUR5-OTDUcVxWN_jYcZ0aYbm-ZdjeNfzgQ_2iNjDkhlk-

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/jhEi4D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:11 GMT
server: nginx

GET
H2

200

535965_2358e.png
www.spicy-development.pro/71940/284297/
Redirect Chain

https://glum-mortgage.com/c.H_VuzvawGxl-tzZAzB9Ch_ZEEFlGkHP-TJUKzLNMj_EOxPOQSRZ-mTcUHVYW9_MYCZZambc-ndYe9fMgC_ZipjbkWlc-9naoHpRq0_csHtMulvM-0xEylzMAk_YClDMEkFZ-3HdI3JcKu_cM3NBOpPY-3RkStTZUG_VW2XZYW...
https://www.spicy-development.pro/71940/284297/535965_2358e.png

90 KB
90 KB

334ms
13ms

Image
image/png

45.133.44.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spicy-development.pro/71940/284297/535965_2358e.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Server: 45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 3727480122bae88f4ed339234e27f886c68f6e056b14cb102a9f468c79ea42e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
etag: "0f33f5ff557b2a1d464111e515217bd0"
x-timestamp: 1696335342.02666
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
x-trans-id: tx0f37b1f492a8418aa2650-006683df50
content-length: 92049
date: Tue, 24 Dec 2024 11:48:11 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 03 Oct 2023 12:15:43 GMT
server: nginx
x-cdn-host-id: ah0543
x-openstack-request-id: tx0f37b1f492a8418aa2650-006683df50

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://www.spicy-development.pro/71940/284297/535965_2358e.png
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:11 GMT
server: nginx

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ 68 KB
0 318ms
318ms XHR
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ 68 KB
0 320ms
320ms Script
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

POST
H2 200 Y.2_xkplZmWn5-0pZqGrFs0_YuTv9wyxc-mzlAkBPCT_kEzFMGWHI-xJZKWLQM3_NOmPYQ4RY-jTYUzVOWW_UY4ZYaWbY-1dMeTfVgk_NiGjNkllN-jnNojpMqj_Ms1t
glum-mortgage.com/ 0
322 B 17ms
16ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/Y.2_xkplZmWn5-0pZqGrFs0_YuTv9wyxc-mzlAkBPCT_kEzFMGWHI-xJZKWLQM3_NOmPYQ4RY-jTYUzVOWW_UY4ZYaWbY-1dMeTfVgk_NiGjNkllN-jnNojpMqj_Ms1t

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:11 GMT
server: nginx

GET
H2

200

535966_4e233.png
www.spicy-development.pro/71940/284297/
Redirect Chain

https://glum-mortgage.com/cAHBV.zCa_GElFtGZHz-9JhKZLEMl_kOPPTQURz-NTjUEVyWM_CYZZmacbH-Yd9eMfCgZ_micjnkYl9-MnCoZppqb_Wsct9uavH-Rx0yczHAM_lCMD0EEFl-MHkIYJlKM_kMZN3OdP3-cRuScT3UB_pWYX3YkZt-ZbGcVd2eZ_W...
https://www.spicy-development.pro/71940/284297/535966_4e233.png

86 KB
87 KB

7ms
6ms

Image
image/png

45.133.44.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spicy-development.pro/71940/284297/535966_4e233.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/
Protocol: H2
Server: 45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 33667b0c8dde1f5b32c54f9d8b0b70ad8cbdc01ee881fd06ca3f0d5e9da2155a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
etag: "b6f8c3fb70e85d237b66b3e480c3ab26"
x-timestamp: 1696335342.22819
expires: Thu, 26 Dec 2024 11:48:14 GMT
x-proxy-cache: HIT
x-trans-id: txa700d87a0b20404995563-006683dfdc
content-length: 88519
date: Tue, 24 Dec 2024 11:48:14 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 03 Oct 2023 12:15:43 GMT
server: nginx
x-cdn-host-id: ah0543
x-openstack-request-id: txa700d87a0b20404995563-006683dfdc

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://www.spicy-development.pro/71940/284297/535966_4e233.png
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:14 GMT
server: nginx

GET
H2 200 base.css
gules.edusure.site/assets/css/ Frame 9814 5 KB
0 2ms
2ms Stylesheet
text/css 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/css/base.css
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d73ed8fd245c50bc3dd6b1c76d21cb382dcaf0ecff296b0b7893477219468f18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"15f3-1915d1c3db7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpfsyXExkfSe%2FHclU6zg2dh7OrTyGGJGLSpSbsCqazBJ%2BGpEBKFGAbjv%2FyNDTqw%2FDjABvegfxGVHqK9TWYtBApkvcOS0VyQ7ONPnnjT5ixAN7pWhSlHfW%2FlIzHdGvDbx92YEPF12gvEjp0nFnKVC6Kw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9cfdc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7971&min_rtt=5880&rtt_var=3544&sent=29&recv=22&lost=0&retrans=0&sent_bytes=10736&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=574&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H3 200 search.css
gules.edusure.site/assets/css/ Frame 9814 2 KB
2 KB 138ms
136ms Stylesheet
text/css 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/css/search.css
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ce313d49280ddea6a4b252f69754fc33f7decd13f5b671ade96956e2b2110f57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"8ac-193e2156a3e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TfehsWGwHtNbSG7eEKBW23tqjU19ZsvzDVtEXOEKF%2BeK%2B1i%2Bk6g6Ibe%2ByRxAD%2FbjjOdo1kYQKyKsXu4WKEu86bUsx%2FL1lByfUdycfEAw2nDHtvLumsvDPQDZCF3SNIs9aYHocQpufrRAryyXy5cPzA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6987&min_rtt=6271&rtt_var=844&sent=45&recv=25&lost=0&retrans=13&sent_bytes=24549&recv_bytes=7977&delivery_rate=28004&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5667&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 03:21:14 GMT
priority: u=0,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7c7acc9f31-FRA
x-powered-by: Express
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ Frame 9814 58 KB
0 3ms
3ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/search.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "613fa20b-28de"
age: 403758
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUUu6TtQsUfoA1Q96Y4UkbYHPFq5UmAbYE%2FlOu6uK%2BqsnF1nJD1tuktAizbo518HbVzhwc0LInPAuF5%2FnaIkDnK8JPrdsfCMOTHH5vUE9aTqfEKkg%2BBg%2FR3laOaKTydDpuhot0DeolXVBgTXmwu2WniS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 11:48:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 11:48:09 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c59fda0927d-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10462
server: cloudflare

GET
H2 200 uv.bundle.js Show response
gules.edusure.site/uv/ Frame 9814 2 MB
0 4ms
4ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/uv/uv.bundle.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f697c73eccc7451d5300f7acdd491a2c27f05710714b05a5c9fb1fc4295af556

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"1b9b23-1915d1c3dd3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YL5PToD5UQkF0bt7XbI74zvwKs3EQ1AFyxfpf8hLPBvqssO8QV2ggMdlf0MOh7FbF9VN8xEUgOSMPlyc3f%2BUmBB27NG3d99q8ZHKbUMgGnYiO%2FnvyQNR%2Fub32yq51OUyA0BPecXEcLbv72jvHgmuO%2Fc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d2dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7318&min_rtt=5880&rtt_var=2471&sent=36&recv=25&lost=0&retrans=0&sent_bytes=13432&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=757&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H2 200 uv.config.js Show response
gules.edusure.site/uv/ Frame 9814 287 B
0 5ms
5ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/uv/uv.config.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75ac53f861e8878576e6f06f8c2f88d8975bd1d5ab1dfd76f9ca9a5291f02795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"11f-1915d1c3dd3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F18T85ML2x1C5Eb5EVFArOguZfU3b8ZO8727EOESb%2Fsi%2BGWnicX4IsbLUO%2BQJW2hAqsoGfylazSyZyD7kumL7uiPT0lkpHjXCrm0nmoFBK9d23JTK4J7sCK3%2BiOX9%2B7avjoXVDDkC0joQ8bLxYQLYOM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d5dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7971&min_rtt=5880&rtt_var=3544&sent=33&recv=22&lost=0&retrans=0&sent_bytes=12748&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=576&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9814 327 KB
0 2ms
2ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/search.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6902cb8fb8731fe07af2d94d0c640b4b07281634a62f57353f11b2620d1104d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 11:48:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110276
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 eqlogo.png
gules.edusure.site/assets/img/ Frame 9814 36 KB
37 KB 366ms
364ms Image
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/eqlogo.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 35735aaa6b46061d677a4f943d51a324502521156a051cbbf1fe7fce764dd008

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"914b-1915d1c3dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yv6t4U6opS01SFEexc8DlCw7OYlhc1M%2Fc1w5%2FO13eL%2BcvNPKLR8PB%2Be5ggVewoe564m3blnSp%2BgWj5bKP1Rwwy1o3py1ltQKrMVAdhJBhHvUi70SB4PUyXiFVokaf1whKWfMMuPTxRA2WyNutZiUm%2Fk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6958&min_rtt=6135&rtt_var=449&sent=165&recv=67&lost=0&retrans=13&sent_bytes=161718&recv_bytes=12021&delivery_rate=4271507&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5896&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7c7ace9f31-FRA
accept-ranges: bytes
content-length: 37195
x-powered-by: Express
server: cloudflare

GET
H3 200 wrnd-ico.png
gules.edusure.site/assets/img/ Frame 9814 52 KB
53 KB 480ms
479ms Image
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/wrnd-ico.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5654b21d2c0f7151615c715288ac3749ab5060f5a144522865e0c6d13e54e6fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"d078-1915d1c3dc3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wa7NVgsZPTGWR5HUD6%2F1IRrrksZ9TskmqozypyBXcy2U9M0qvqXIyPtWwmYgX5SsPH3QsnD7a671PUW5pJfOTPtSj5qJydYMGVGiKR9ezT5STtGg4rhVCIJjWuVJD3Zh3cuNx4K9suqz2uWDgD2o8gI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6774&min_rtt=6135&rtt_var=449&sent=220&recv=74&lost=0&retrans=13&sent_bytes=225506&recv_bytes=12336&delivery_rate=1590427&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=6011&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7c7ad09f31-FRA
accept-ranges: bytes
content-length: 53368
x-powered-by: Express
server: cloudflare

GET
H3 200 pearhack-ico.png
gules.edusure.site/assets/img/ Frame 9814 11 KB
11 KB 262ms
262ms Image
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/pearhack-ico.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7472ae40745adf66d99a32ee7602c7d5e75230465f3d87bdf6eb57edea0799e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"2a5e-193e2021a08"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Wpl5AFj1arfL8xN4%2F%2BnRRNPg%2FlYEL5G%2Bbp5h5MjY18YWd6BqzF18tLgkU60KQ6lUoe9gP5UPoPpEplwB6gGDugrMCWsDeTFEXa6XzfdnZOToBf%2B1j211AnJSCAjSTUmBK%2F2V11%2Fyfrtjasq7SDBvZ0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6891&min_rtt=6135&rtt_var=435&sent=210&recv=72&lost=0&retrans=13&sent_bytes=213701&recv_bytes=12245&delivery_rate=1804180&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5937&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 03:00:08 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7d6ba09f31-FRA
accept-ranges: bytes
content-length: 10846
x-powered-by: Express
server: cloudflare

GET
H3 200 netflix-ico.png
gules.edusure.site/assets/img/ Frame 9814 20 KB
21 KB 372ms
371ms Image
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/netflix-ico.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a8681ab82fb64d47e5b69b57fd57ddc277b2e7f926dccee567593c5f27fee510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"509b-1915d1c3dc3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26m69LAnS0PgtBK5pq3LLdPrzdpmVWmIfjAGEirgEowzoJ0Y0t8E%2F%2F0QtElvwJSMPFKiXaAmFda7UZfPh%2FMh3Tb4%2BhYcbOzl%2BHdQ6LZZgdwTf9FcCGbxQj%2B32AWE0MoNUzK4%2FAXwOwm03Ph6ptj%2B5xg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6984&min_rtt=6135&rtt_var=502&sent=267&recv=79&lost=0&retrans=13&sent_bytes=280789&recv_bytes=12562&delivery_rate=8741962&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=6047&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7d6ba19f31-FRA
accept-ranges: bytes
content-length: 20635
x-powered-by: Express
server: cloudflare

GET
H3 200 twitch-ico.png
gules.edusure.site/assets/img/ Frame 9814 11 KB
11 KB 247ms
246ms Image
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/twitch-ico.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d7cd552fa47a6056c6e21dd7458e242ca6f273179e7f578ac33fc1a33e349cea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"2a2f-1915d1c3dc3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FAE858hlRm4IG5Eqt93uCAG1FRuiwvRMRpH4tYeiwNWrIRIEyDqWJMevovbFIsZJUVn%2F%2Bmf1gcEhvGlVkzSxoXwmhjjZ3%2FPDb6T3jKA6hoF77sklugEPfvK8TV6aoVkYeo0pkZTdPnPl3SO5ilE608%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6945&min_rtt=6135&rtt_var=437&sent=198&recv=71&lost=0&retrans=13&sent_bytes=200467&recv_bytes=12200&delivery_rate=5851334&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5922&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=2,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7d6ba29f31-FRA
accept-ranges: bytes
content-length: 10799
x-powered-by: Express
server: cloudflare

GET
H2 200 main.js Show response
gules.edusure.site/assets/js/ Frame 9814 895 B
0 1ms
1ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/js/main.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a656b91a928f5d9a453ac79c4454378617f5e6836f68d9fc522c4f5cc354bf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"37f-1915d1c3dc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2B9%2BNCLR7dU4kyhnNaZncOU1ZKwzUqGB8nPQDbdqiWzGiNi%2F%2BB5GQG4ZrYROb730W0sg3ASGVRne%2BqGdTkPwuv8lyj%2BLEewPurXTqWWAzZmGoroVRmAazS%2FHqzlb1jcUyJNIIdX2sAixW12rUvwlN7o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c59e9d6dc68-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7129&min_rtt=5886&rtt_var=2554&sent=21&recv=19&lost=0&retrans=0&sent_bytes=7625&recv_bytes=2784&delivery_rate=1471351&cwnd=257&unsent_bytes=0&cid=0dc2fa13f2dc0147&ts=539&x=0"
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT

GET
H3 200 search.js Show response
gules.edusure.site/assets/js/ Frame 9814 2 KB
1 KB 255ms
254ms Script
application/javascript 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/js/search.js
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 883d0500adf9d2eb2b4be79de271cc819de08875b57e219e7ca435a1c2f2f53c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"65d-1915d1c3dc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMc9skQvawVrY%2Fy8aPSTxCBFMDaZEc%2F0Gwb9Y95b5jtCSwUZuHP28AJOfQxL8TC8aHDP%2Bz1d4XdZmO1zWKPaOLeDKl6sJXSQLN25RpF7g7XwEekjtHlmvOWnxLMmaLDlaa9274DTRmhxrfHvZmToJZ0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6891&min_rtt=6135&rtt_var=435&sent=208&recv=72&lost=0&retrans=13&sent_bytes=212221&recv_bytes=12245&delivery_rate=1804180&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5931&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=3,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7d6ba39f31-FRA
x-powered-by: Express
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 9814 19 KB
0 3ms
3ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://gules.edusure.site/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c61ca581e6a-FRA
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ Frame 9814 15 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800&display=swap

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

679a5d988021e044b66b26fd8d49a425c4195887e005553961908eefb7418f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 11:48:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 24 Dec 2024 11:23:15 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 NLwL Show response
glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/ Frame 9814 55 KB
18 KB 99ms
92ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/search.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

39b65436dc6904bb1f57cd87cc52af70ced5e8422d2d7d849db76483d6a8e989

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: nginx
last-modified: Tue, 24 Dec 2024 11:48:15 GMT
access-control-allow-headers: Content-Type

GET
H3 404 bg.svg
gules.edusure.site/assets/css/assets/img/bg/ Frame 9814 4 KB
4 KB 5ms
5ms Image
text/html 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/css/assets/img/bg/bg.svg
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dcd7b435281545f586f76ba591b5a0da3ee90296256843b80c8c18cefaf9fca8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/assets/css/base.css

Response headers

server: cloudflare
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJK5zW4ZV0Bm4RUtvUDEi7GpYL9PlnN7cv6wng5jo8GGtf013W531cRLTjANgQczDdJYEku%2B0Xc4zinzIxmbbfn70XZCPn5PIC17LScqkFRzZYhX%2FWXjfQ5erhkKytB6i9ydx%2FpI6NtoK9NVXNifn8E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f705c7ae9659f31-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6460&min_rtt=6271&rtt_var=548&sent=40&recv=16&lost=0&retrans=13&sent_bytes=22246&recv_bytes=6079&delivery_rate=2452&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5527&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 03:54:47 GMT
priority: u=3,i

GET
H3 200 eq-main.jpg
gules.edusure.site/assets/img/ Frame 9814 127 KB
0 78ms
78ms Image
image/jpeg 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gules.edusure.site/assets/img/eq-main.jpg
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f9c4892db88acf16c97ee044e3f6b137574b5f928e695946a9056af23cd9ee5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cf-cache-status: MISS
etag: W/"1fd42-1915d1c3dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjA%2FqVvnlaEECMSClh3DPZ42PJzrrNeEEJS7YX5s4LRyX5Rp5NdfzZK0m7pL%2BW9ZoASTmxwSToBq5oIBwlC3tAg78s%2B7xXtzAfFaF1K5b8URSJrWdntgTMAVzRHg3Y1Usl%2FI2aYDJoxfbtOxAwjT6Q8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6957&min_rtt=6271&rtt_var=676&sent=50&recv=31&lost=0&retrans=13&sent_bytes=26919&recv_bytes=10105&delivery_rate=99856&cwnd=12000&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=5754&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=3,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c7ae9669f31-FRA
accept-ranges: bytes
content-length: 130370
x-powered-by: Express
server: cloudflare

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ Frame 9814 37 KB
0 6ms
6ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://fonts.googleapis.com/

Response headers

age: 594398
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ Frame 9814 76 KB
0 8ms
8ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gules.edusure.site
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "613fa20b-131bc"
age: 23765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnD2NXIlWEC2HuHFfeZf78GvpiW9kFUja5ko95NFhdxChMtq6%2FF9LvWvDnahjSK16%2BBqRNAPnnY5qRiiFRu%2BXQqT7%2FPSwfUku7Z8HNjj%2Bp72oKKBiydIKluMAogD3IqwDEy2ZmVdfA%2B64TusnvAnBcB0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 11:48:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 11:48:14 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f705c793f75995a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78268
server: cloudflare

GET
H2 200 jhEi4D Show response
glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/ Frame 9814 139 KB
47 KB 71ms
68ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/jhEi4D

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/search.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

1c29af15b1ecf2a14fcf5c8933ccb5e235d9f12def98a13fe31cbe53282cb9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 jrQv4zNsQo Show response
glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/ Frame 9814 179 KB
59 KB 105ms
103ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo

Requested by

Host: gules.edusure.site
URL: https://gules.edusure.site/search.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

84ca29b272ddef78a61904d8e1fba3a349fff835d0624787db9e705c06f6606b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/search.html

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: nginx
last-modified: Tue, 24 Dec 2024 11:48:15 GMT
access-control-allow-headers: Content-Type

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 9814 0
0 15ms
15ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PC9KFJ31NH&gtm=45je4cc1v9177418240za200&_p=1735040895580&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&cid=24624917.1735040891&ecid=1887205201&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&ec_mode=a&_s=1&sid=1735040890&sct=1&seg=1&dl=https%3A%2F%2Fgules.edusure.site%2Fsearch.html&dr=https%3A%2F%2Fgules.edusure.site%2F&dt=New%20Tab&en=page_view&_ee=1&tfd=4719
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 Y.2_xGpHZIWJ5-0LZMGNFO0_YQTR9SyTc-mVlWkXPYT_dajbYcmdI-3fNgWhMix_ZkGlEm0nM-TpNqkrMs2_Mu5vYwjxZ-izZAmBRCk_YEWFQGxHO-TJNKjLZMT_gOxP
glum-mortgage.com/ Frame 9814 0
322 B 28ms
27ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/Y.2_xGpHZIWJ5-0LZMGNFO0_YQTR9SyTc-mVlWkXPYT_dajbYcmdI-3fNgWhMix_ZkGlEm0nM-TpNqkrMs2_Mu5vYwjxZ-izZAmBRCk_YEWFQGxHO-TJNKjLZMT_gOxP

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/aPWk5.whY/WndzlKQj2E9KkTZ/TT9T6cbN2Y5ElOSTW/Q_9aN-TiMn0jNwTSYkxeNfyT0h1IMxzdQo1iN/jhEi4D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
server: nginx

GET
H2

200

535964_0b0e8.png
www.spicy-development.pro/71940/284297/ Frame 9814
Redirect Chain

https://glum-mortgage.com/cUHVV.zWa_GYlZtaZbz-9dheZfEgl_kiPjTkUlz-NnjoEpxqO_CsZtmucvH-Yx9yMzCAZ_mCcDnEYF9-MHCIZJpKb_WMcN9OaPH-RR0ScTHUM_lWMX0YEZl-MbkcYdleM_kgZh3idj3-clumcn3oB_pqYr3sktt-ZvGwVx2yZ_W...
https://www.spicy-development.pro/71940/284297/535964_0b0e8.png

86 KB
87 KB

6ms
6ms

Image
image/png

45.133.44.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spicy-development.pro/71940/284297/535964_0b0e8.png
Requested by: Host: gules.edusure.site
URL: https://gules.edusure.site/search.html
Protocol: H2
Server: 45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 812f346ba204c09c2bcfc54774e6eabde275329b49238b59846e2516edc69e9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
etag: "64db2d0b95248182d902dc6473f5af61"
x-timestamp: 1696335341.86801
expires: Thu, 26 Dec 2024 11:48:15 GMT
x-proxy-cache: HIT
x-trans-id: tx69fe9d170e234e538d9c9-006683deee
content-length: 88493
date: Tue, 24 Dec 2024 11:48:15 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 03 Oct 2023 12:15:42 GMT
server: nginx
x-cdn-host-id: ah0543
x-openstack-request-id: tx69fe9d170e234e538d9c9-006683deee

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://www.spicy-development.pro/71940/284297/535964_0b0e8.png
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
server: nginx

GET
H2 200 anW-ZpyqP.2rQs9_MuTvcwzxN-TzAA0BMCD_gE5FNGTHY-xJMKDLIMy_MOjPgQ1RN-CTZUpVcW2_1Y1ZbaHbR-pddeGfFgn_PiTjEk5lZ-jnEo1pZqW_JsktMu2vQ-5xYy2zFAm_NC2DIE1FM-DHhIjJNKW_VMmNZOTPI-5RYSTTgU0_MWTXgY1ZJ-mb1c1dbeH_R...
glum-mortgage.com/ Frame 2E83 0
0 128ms
103ms Document
text/html 2a00:1178:1:4b::19
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/anW-ZpyqP.2rQs9_MuTvcwzxN-TzAA0BMCD_gE5FNGTHY-xJMKDLIMy_MOjPgQ1RN-CTZUpVcW2_1Y1ZbaHbR-pddeGfFgn_PiTjEk5lZ-jnEo1pZqW_JsktMu2vQ-5xYy2zFAm_NC2DIE1FM-DHhIjJNKW_VMmNZOTPI-5RYSTTgU0_MWTXgY1ZJ-mb1c1dbeH_RgphdiGjF-nlYmmnFou_bqmrVsytP-XvRwyxdyW_UAmBcCnDJ-pFZGDH0Ix_OKWLYMxNN-WPVQiRZSD_NUkVOWWXN-hZZajbdci_NeTfAg4hY-zjVkllZmm_UoypOqWrE-4tNuDvEw4_NySzZA6Bb-2D5ElFaGW_QI9JNKTLM-3NNOjPQQ3_NSAT?iframeId=ussscy

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gules.edusure.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 24 Dec 2024 11:48:15 GMT
expires: Mon, 26 Jul 2011 05:00:00 GMT
last-modified: Tue, 24 Dec 2024 11:48:15 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 0ms
0ms XHR
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 1ms
1ms Script
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

POST
H2 200 YG2.xHpIZJW-5L0MZNGOF_0QYRTS9Ty-cVmWlXkYP_TaEb5cZdj-Ef1gZhWiJ_kkMl2mQn5-Yp2qFrmsN_2uIv1wMxD-hzjANBWCV_mEZFTGIH5-YJTKgL0MM_TOgP1Q
glum-mortgage.com/ Frame 9814 0
322 B 22ms
15ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/YG2.xHpIZJW-5L0MZNGOF_0QYRTS9Ty-cVmWlXkYP_TaEb5cZdj-Ef1gZhWiJ_kkMl2mQn5-Yp2qFrmsN_2uIv1wMxD-hzjANBWCV_mEZFTGIH5-YJTKgL0MM_TOgP1Q

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
server: nginx

GET
H2 200 anW-ZpyqP.2rQs9_MuTvcwzxN-TzAA0BMCD_gE5FNGTHY-xJMKDLIMy_MOjPgQ1RN-CTZUpVcW2_1Y1ZbaHbR-pddeGfFgn_PiTjEk5lZ-jnEo1pZqW_JsktMu2vQ-5xYy2zFAm_NC2DIE1FM-DHhIjJNKW_VMmNZOTPI-5RYSTTgU0_MWTXgY1ZJ-mb1c1dbeH_R...
glum-mortgage.com/ Frame 3787 0
0 124ms
101ms Document
text/html 2a00:1178:1:4b::19
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gules.edusure.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 24 Dec 2024 11:48:15 GMT
expires: Mon, 26 Jul 2011 05:00:00 GMT
last-modified: Tue, 24 Dec 2024 11:48:15 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 2ms
2ms XHR
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 3ms
3ms Script
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

POST
H2 200 YG2.xHpIZJW-5L0MZNGOF_0QYRTS9Ty-cVmWlXkYP_TaEb5cZdj-Ef1gZhWiJ_kkMl2mQn5-Yp2qFrmsN_2uIv1wMxD-hzjANBWCV_mEZFTGIH5-YJTKgL0MM_TOgP1Q
glum-mortgage.com/ Frame 9814 0
322 B 20ms
15ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/YG2.xHpIZJW-5L0MZNGOF_0QYRTS9Ty-cVmWlXkYP_TaEb5cZdj-Ef1gZhWiJ_kkMl2mQn5-Yp2qFrmsN_2uIv1wMxD-hzjANBWCV_mEZFTGIH5-YJTKgL0MM_TOgP1Q

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
server: nginx

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 0ms
0ms XHR
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

GET
H2 200 8c1b7c8b81a7.js Show response
www.negative-speed.pro/ecc874/ Frame 9814 68 KB
0 0ms
0ms Script
application/javascript 45.133.44.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negative-speed.pro/ecc874/8c1b7c8b81a7.js
Requested by: Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.1 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Thu, 26 Dec 2024 11:48:11 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 11:48:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx
x-cdn-host-id: ah0543
access-control-allow-headers: Content-Type

POST
H2 200 YG2Hx-p.ZJWK5L0MZ_GOFP0QYRT-9TyUcVmWl_kYPZWaYb4-ZdjeZfjgY_ziNjkkNlm-Un5oZpTqk_5sYtTuRvm-OxGyNzlAM_mCMDxEYFz-kH1IMJDKU_1MNNTOMPx-
glum-mortgage.com/ Frame 9814 0
322 B 17ms
16ms Ping
text/plain 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/YG2Hx-p.ZJWK5L0MZ_GOFP0QYRT-9TyUcVmWl_kYPZWaYb4-ZdjeZfjgY_ziNjkkNlm-Un5oZpTqk_5sYtTuRvm-OxGyNzlAM_mCMDxEYFz-kH1IMJDKU_1MNNTOMPx-

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bEXEVTs.dUGDl/0lYxW/cK/sesmm9wukZ/U/lEkHPPTZUrz-NizrYi0gOhDjQStzNuT-M/3WN/jrQv4zNsQo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
server: nginx

GET
H2 200 aSWT1-w.cVmWVXzYc_2albvcbdj-9fhgZhGil_kkPlTmUnz-NpTqcr0sM_iuZviwdxG-4z9AQB2Cd_KERFVGJHS-SJUKpLZMb_kOpP2QWRV-dTSUaVVWl_XYNZWatbN-UdCe4fugc_XiJjzkRl0-9nJoQp1q9_CsVtWudvI-JxmyQz9AM_TCcDzENFT-AH0IMJDKg... Show response
glum-mortgage.com/ Frame 9814 0
340 B 81ms
81ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/aSWT1-w.cVmWVXzYc_2albvcbdj-9fhgZhGil_kkPlTmUnz-NpTqcr0sM_iuZviwdxG-4z9AQB2Cd_KERFVGJHS-SJUKpLZMb_kOpP2QWRV-dTSUaVVWl_XYNZWatbN-UdCe4fugc_XiJjzkRl0-9nJoQp1q9_CsVtWudvI-JxmyQz9AM_TCcDzENFT-AH0IMJDKg_5MNNTOYPx-MRDSITyUM_jWgX1YNZC-ZbpcZdneJ_hgbhWiVjp-ZlDm1n1oc_3qNrzsYt3-kvmwaxXyN_tAdBWCxD0-aFXGRHhIZ_zK0LxMONW-YPxQNRWSV_iUZVDWNXk-OZWaNbhcZ_jedfigNhT-Aj4kYlzmV_loZpmqUry-OtWuEv4wN_DyEz4ANBS-ZDtEdFWGx_0IaJXKRLh-ZN2OJPhQb_mS5TlUcVj-1X0YcZnaV_lcJdneJfy-ahWiQj9kM_TmlnmoMpT-VrlsYtmuQ_zwZxDylzj-YBWCYD3EY_jGUHwIOJG-ML1MZNWOZ_lQMRjSlTh-OVDWQXxYO_DaUbmcedm-9fugZhWil_kkPlTmUnz-NpzqYr0sN_zuQv

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript
server: nginx

GET
H2 200 aiW.1jwkclm-Vnzocp2ql_vsbtju9vh-ZxGylzkAP_TCUDzENFT-cH0IMJCKZ_iMdNGO4P9-QR2SdTKUR_VWJXSYSZU-pbZcbdkep_2gWhVidjS-alVmlnXoN_WqtrNsUtC-4vuwcxXyJ_zARB0C9DJ-OFFGBHTIQ_WKMLtMJNm-QP9QMRTSc_zUNVTWAX0-MZDag... Show response
glum-mortgage.com/ Frame 9814 0
340 B 82ms
82ms Script
application/javascript 88.85.69.211
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL

https://glum-mortgage.com/aiW.1jwkclm-Vnzocp2ql_vsbtju9vh-ZxGylzkAP_TCUDzENFT-cH0IMJCKZ_iMdNGO4P9-QR2SdTKUR_VWJXSYSZU-pbZcbdkep_2gWhVidjS-alVmlnXoN_WqtrNsUtC-4vuwcxXyJ_zARB0C9DJ-OFFGBHTIQ_WKMLtMJNm-QP9QMRTSc_zUNVTWAX0-MZDagb5cN_TeYfxgMhD-IjykMljmg_1oNpCqZrp-ZtnuJvhwb_WyVzpAZBD-1DrEdFGG1_wIeJGKcLm-aNXONPtQd_WSxT0UaVX-RXhYZZza0_xcOdWeYfx-NhWiVjikZ_DmNnkoOpW-NrhsZtjud_iwNxTyAz4-YBzCVDlEZ_mGUHyIOJW-EL4MNNDOE_4QNRSSZTt-dVWWxX0Ya_XaRbhcZd2-Jfhgbhmi5_lkcljm1n0-cpnqVrlsJ_nuJvywaxW-Qz9AMBTCl_mEMFTGVHl-YJmKQLzMZ_DOlPjQYRW-YT3UYVjWU_wYOZGaMb1-ZdWeZflgM_jiljhkOlD-QnxoOpDqU_msetmu9vu-ZxWylzkAP_TCUDzENFz-YH0INJzKQ_

Requested by

Host: glum-mortgage.com
URL: https://glum-mortgage.com/bUXzVDs.dpG/lO0vYCW_dvilY/W/5EuaZGXhIl/deNmo9nu/ZoUDlnkGPsTOUAzaNlzLYG0bNojlYptnNaTBMS3TNWjkQM2/NLwL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

88.85.69.211 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: application/javascript
server: nginx

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PC9KFJ31NH&gtm=45je4cc1v9177418240za200&_p=1735040890894&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&cid=24624917.1735040891&ecid=1887205201&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735040890&sct=1&seg=0&dl=https%3A%2F%2Fgules.edusure.site%2F&dt=Home&en=scroll&epn.percent_scrolled=90&_et=2&tfd=6355
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC9KFJ31NH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gules.edusure.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:48:15 GMT
content-type: text/plain
server: Golfe2

GET eq://search
eq://search Frame 9814 0
0

POST
H3 204 rum Show response
gules.edusure.site/cdn-cgi/ Frame 9814 0
143 B 13ms
13ms XHR
text/plain 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gules.edusure.site/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://gules.edusure.site/search.html

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f705c801e269f31-FRA
access-control-allow-origin: https://gules.edusure.site
date: Tue, 24 Dec 2024 11:48:16 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 204 rum Show response
gules.edusure.site/cdn-cgi/ 0
143 B 14ms
13ms XHR
text/plain 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gules.edusure.site/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://gules.edusure.site/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f705c801e299f31-FRA
access-control-allow-origin: https://gules.edusure.site
date: Tue, 24 Dec 2024 11:48:16 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 google-drive.png
gules.edusure.site/assets/img/cloak/ 16 KB
17 KB 361ms
360ms Other
image/png 2606:4700:3031::6815:40a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gules.edusure.site/assets/img/cloak/google-drive.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f427edc51db35111db4755bd46b69d001df1561ed5fe1e86189503acba2e80fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cf-cache-status: MISS
etag: W/"3f7e-1915d1c3dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljWGha%2FdcdIwmrSctU6yOShPGzqQUTypNpi%2BBUvJFCiupXyo%2BmY9ZPxYUkPXzNIdS7j1RbHXI%2BYWAG1XMu8KZn7m2i4IkQ0qmTtnoD7POojwTxuPC1hE%2B3hcKqe%2FtygUMV%2FLvKovaEirm67vduTmXeU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6822&min_rtt=6135&rtt_var=358&sent=297&recv=90&lost=0&retrans=13&sent_bytes=310851&recv_bytes=17795&delivery_rate=886116&cwnd=68400&unsent_bytes=0&cid=c7ad1de3efdc8070&ts=6470&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:48:16 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 21:33:37 GMT
priority: u=1,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f705c801e2b9f31-FRA
accept-ranges: bytes
content-length: 16254
x-powered-by: Express
server: cloudflare

GET
H2

200

535966_4e233.png
www.spicy-development.pro/71940/284297/ Frame 9814
Redirect Chain

https://glum-mortgage.com/cbH-Vdzea.Gflgt_Zizj9khlZ-EnlokpPqT_UsztNujvE-yxMyCzZAm_cCHDYE9FM-CHZImJcKn_YM9NMOCPZ-pRbSWTcU9_aWHXRY0Zc-HbMcldMe0_EglhMikjY-llMmknZo3_dq3rcsutc-3vBwpxYy3_kAtBZCGDV-2FZGW...
https://www.spicy-development.pro/71940/284297/535966_4e233.png

86 KB
0

0ms
0ms

Image
image/png

45.133.44.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spicy-development.pro/71940/284297/535966_4e233.png
Protocol: H2
Server: 45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 33667b0c8dde1f5b32c54f9d8b0b70ad8cbdc01ee881fd06ca3f0d5e9da2155a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gules.edusure.site/

Response headers

cache-control: max-age=172800
etag: "b6f8c3fb70e85d237b66b3e480c3ab26"
x-timestamp: 1696335342.22819
expires: Thu, 26 Dec 2024 11:48:14 GMT
x-proxy-cache: HIT
x-trans-id: txa700d87a0b20404995563-006683dfdc
content-length: 88519
date: Tue, 24 Dec 2024 11:48:14 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 03 Oct 2023 12:15:43 GMT
server: nginx
x-cdn-host-id: ah0543
x-openstack-request-id: txa700d87a0b20404995563-006683dfdc

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://www.spicy-development.pro/71940/284297/535966_4e233.png
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
expires: Mon, 26 Jul 2011 05:00:00 GMT
content-length: 0
date: Tue, 24 Dec 2024 11:48:18 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: search
URL: eq://search

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.edusure.site/	1970-01-21 11:33:20	Name: _ga Value: GA1.1.24624917.1735040891
			.edusure.site/	1970-01-21 11:33:20	Name: _ga_PC9KFJ31NH Value: GS1.1.1735040890.1.1.1735040895.55.0.1887205201

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gules.edusure.site/assets/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gules.edusure.site/assets/css/assets/img/bg/bg.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gules.edusure.site/assets/css/assets/img/bg/bg.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://gules.edusure.site/ Message: Not allowed to launch 'eq://search' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
glum-mortgage.com
gules.edusure.site
handmadetip.com
raw.githubusercontent.com
region1.analytics.google.com
search
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.negative-speed.pro
www.spicy-development.pro
search
104.16.80.73
142.250.186.35
142.251.168.154
172.217.18.99
2001:4860:4802:32::36
216.239.32.36
2606:4700:3031::6815:40a8
2606:4700::6811:190e
2606:50c0:8001::154
2a00:1178:1:4b::19
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2008
45.133.44.1
45.133.44.2
88.85.68.219
88.85.69.211
0fe9fef84f5f2ae984093be8616da0cca626e262218842aad3deb39e3863ba3c
1c29af15b1ecf2a14fcf5c8933ccb5e235d9f12def98a13fe31cbe53282cb9ec
33667b0c8dde1f5b32c54f9d8b0b70ad8cbdc01ee881fd06ca3f0d5e9da2155a
34da34d742c4b358efa08768519069414670b37b17baeb4e767a863e6cb0267b
35735aaa6b46061d677a4f943d51a324502521156a051cbbf1fe7fce764dd008
3727480122bae88f4ed339234e27f886c68f6e056b14cb102a9f468c79ea42e9
39b65436dc6904bb1f57cd87cc52af70ced5e8422d2d7d849db76483d6a8e989
533146937aaf5242a1549a91f1c89aa38d21d3e43b2fdbc3a00e3a77d762e417
5654b21d2c0f7151615c715288ac3749ab5060f5a144522865e0c6d13e54e6fb
679a5d988021e044b66b26fd8d49a425c4195887e005553961908eefb7418f8e
6902cb8fb8731fe07af2d94d0c640b4b07281634a62f57353f11b2620d1104d6
6f9c4892db88acf16c97ee044e3f6b137574b5f928e695946a9056af23cd9ee5
7472ae40745adf66d99a32ee7602c7d5e75230465f3d87bdf6eb57edea0799e0
75ac53f861e8878576e6f06f8c2f88d8975bd1d5ab1dfd76f9ca9a5291f02795
812f346ba204c09c2bcfc54774e6eabde275329b49238b59846e2516edc69e9a
84ca29b272ddef78a61904d8e1fba3a349fff835d0624787db9e705c06f6606b
883d0500adf9d2eb2b4be79de271cc819de08875b57e219e7ca435a1c2f2f53c
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a656b91a928f5d9a453ac79c4454378617f5e6836f68d9fc522c4f5cc354bf9
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9c80a391c82c1ccefc40b2c2a3f1c39cc43aa59aa34351e1f571229d690e3caf
a06f13297b444bd45fa42cc0e3c5d3b80170ab46b663cb27d30729327cfa6712
a8681ab82fb64d47e5b69b57fd57ddc277b2e7f926dccee567593c5f27fee510
b27d20520d9ac6ee1dd190b57e45b482c0fb363750d3c97065ad920ee6aafdf3
bcd89366c219867ede663c26dce4d1e17338eceac63a773b99cb08b1971a45ad
ce313d49280ddea6a4b252f69754fc33f7decd13f5b671ade96956e2b2110f57
d73ed8fd245c50bc3dd6b1c76d21cb382dcaf0ecff296b0b7893477219468f18
d7cd552fa47a6056c6e21dd7458e242ca6f273179e7f578ac33fc1a33e349cea
dcd7b435281545f586f76ba591b5a0da3ee90296256843b80c8c18cefaf9fca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7de7225eef2d2228f0e328e5195686134a330668675dfcd71c7d575d18df5cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f427edc51db35111db4755bd46b69d001df1561ed5fe1e86189503acba2e80fe
f697c73eccc7451d5300f7acdd491a2c27f05710714b05a5c9fb1fc4295af556
fc473c8d5d10d66e0aca42b454382a63f675c909dd47514a4b7cce02d16b4073
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

gules.edusure.site Open in urlscan Pro 2606:4700:3031::6815:40a8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

94 %HTTPS

44 %IPv6

15 Domains

15 Subdomains

17 IPs

4 Countries

1514 kBTransfer

6926 kBSize

2 Cookies

0 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

gules.edusure.site Open in urlscan Pro
2606:4700:3031::6815:40a8 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

94 %
HTTPS

44 %
IPv6

15
Domains

15
Subdomains

17
IPs

4
Countries

1514 kB
Transfer

6926 kB
Size

2
Cookies

77 HTTP transactions
0 data transactions