ep.gordonblue6burgundy.xyz Open in urlscan Pro
2606:4700:3037::ac43:8ef1  Public Scan

Submitted URL: https://lerinywi.page.link/5RBiZreErKPtNYvZA
Effective URL: https://ep.gordonblue6burgundy.xyz/
Submission: On July 20 via manual from AU — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:8ef1, located in United States and belongs to CLOUDFLARENET, US. The main domain is ep.gordonblue6burgundy.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2022. Valid for: a year.
This is the only time ep.gordonblue6burgundy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 91.247.36.188 59729 (ITL-BG)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 8
Apex Domain
Subdomains
Transfer
17 gordonblue6burgundy.xyz
ep.gordonblue6burgundy.xyz
534 KB
2 gstatic.com
fonts.gstatic.com
69 KB
2 propartnersgroup.top
propartnersgroup.top
5 KB
2 payold.xyz
payold.xyz
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
29 KB
1 infodomains.net
infodomains.net
789 B
1
function sub() { [native code] }.
811 B
1 page.link
lerinywi.page.link
1 KB
0 e-pays.org Failed
e-pays.org Failed
27 10
Domain Requested by
17 ep.gordonblue6burgundy.xyz propartnersgroup.top
ep.gordonblue6burgundy.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 propartnersgroup.top payold.xyz
propartnersgroup.top
2 payold.xyz payold.xyz
1 fonts.googleapis.com ep.gordonblue6burgundy.xyz
1 code.jquery.com propartnersgroup.top
1 infodomains.net payold.xyz
1 xn--b1aaibn3ajml.xn--p1ai 1 redirects
1 lerinywi.page.link 1 redirects
0 e-pays.org Failed propartnersgroup.top
27 10

This site contains no links.

Subject Issuer Validity Valid
*.infodomains.net
E1
2022-05-27 -
2022-08-25
3 months crt.sh
*.propartnersgroup.top
E1
2022-07-18 -
2022-10-16
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-10 -
2023-07-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ep.gordonblue6burgundy.xyz/
Frame ID: 36A6867DE61424DFA91D24EA4F0692AD
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Главная

Page URL History Show full URLs

  1. https://lerinywi.page.link/5RBiZreErKPtNYvZA HTTP 302
    https://xn--b1aaibn3ajml.xn--p1ai/NQZZd8P7 HTTP 302
    http://payold.xyz/index.html Page URL
  2. https://propartnersgroup.top//a9ze/fold/ Page URL
  3. https://ep.gordonblue6burgundy.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

89 %
HTTPS

89 %
IPv6

10
Domains

10
Subdomains

8
IPs

4
Countries

641 kB
Transfer

1668 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lerinywi.page.link/5RBiZreErKPtNYvZA HTTP 302
    https://xn--b1aaibn3ajml.xn--p1ai/NQZZd8P7 HTTP 302
    http://payold.xyz/index.html Page URL
  2. https://propartnersgroup.top//a9ze/fold/ Page URL
  3. https://ep.gordonblue6burgundy.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://lerinywi.page.link/5RBiZreErKPtNYvZA HTTP 302
  • https://xn--b1aaibn3ajml.xn--p1ai/NQZZd8P7 HTTP 302
  • http://payold.xyz/index.html

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.html
payold.xyz/
Redirect Chain
  • https://lerinywi.page.link/5RBiZreErKPtNYvZA
  • https://xn--b1aaibn3ajml.xn--p1ai/NQZZd8P7
  • http://payold.xyz/index.html
345 B
960 B
Document
General
Full URL
http://payold.xyz/index.html
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e763b7d3e1f7bd51136ed3071cfce6d8ed247490410b908a7a64b95e8a7795

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
72d8e2a05bf0d608-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 20 Jul 2022 04:17:06 GMT
Last-Modified
Mon, 18 Jul 2022 09:11:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyKGzDuidIma3BkY175vlLKOivKYoBHN5fXpTVtmHGJLZQhbng0HE%2FfmhhsMRRki2JOCvb7u0KE7sPMqohXBGmvUXUi4J2WSKxxoteN6ddRS2r2%2F7yyFR%2FWxYKm0K3uLzLIfqE7ae6c%2F"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 04:17:06 GMT
Expires
0
Last-Modified
Wed, 20 Jul 2022 04:17:06 GMT
Location
http://payold.xyz/index.html
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
tds.js
payold.xyz/
2 KB
2 KB
Script
General
Full URL
http://payold.xyz/tds.js
Requested by
Host: payold.xyz
URL: http://payold.xyz/index.html
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f086a142246da6c9f47477b1c1e50a1fd5221a5f1dff35d083af5d0dcb17a0c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://payold.xyz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 04:17:06 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 29 Jan 2022 12:47:01 GMT
Server
cloudflare
ETag
W/"792-5d6b7f2a32ca9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTjBoQ8TbHKpz1i9eOoad2BsO1TvszGKMxGtkginY78E2LRfu98ZSXaWHK4nUJSFEReniAWD%2FWbhytR08g76iBk1lSeMsF0KYAH7PMVCAQrB%2BBQDozrwmBEDdj49ublVN8R481w8ocND"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
72d8e2a0dc0dd608-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
request_tds.php
infodomains.net/
49 B
789 B
XHR
General
Full URL
https://infodomains.net/request_tds.php
Requested by
Host: payold.xyz
URL: http://payold.xyz/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://payold.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMZUI7i4sD9qImZOM4Nc62p7OdqAmGTtfQkFVXwB1EzRMsjwXDS41JkD4BQZJ89aM8VqkoocUeAWl9REUwtkK0Xc1RJ6%2FaBhlbWJv%2B4ssleOMe3dy30XUu0j1t6v4Kg47bI6dmY9ZKxYPQv%2BNEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=15768000; includeSubdomains; preload
cf-ray
72d8e2a1bbcb0f66-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
propartnersgroup.top//a9ze/fold/
2 KB
1 KB
Document
General
Full URL
https://propartnersgroup.top//a9ze/fold/
Requested by
Host: payold.xyz
URL: http://payold.xyz/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:84ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d7be1886f5551b1d19834222d86c83b92358863bf51c58102fc8d5a7410dd51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
http://payold.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d8e2a34f30bac9-MXP
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 04:17:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0W9mGu46HuARTTW40O8EAF7aRc025XcOcG378pX67zw0vZ64UIErjT5lfegJsuF169tLJlT22aOSjgf4SVVaL%2BV1%2BV%2F%2BZPj360PRpsAcH3cauZlgrW7j4auC6U5ZunLiC%2BKS8mG5KOiF%2FCdHTI6rzsqWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
ALLOWALL
jquery-2.1.3.min.js
code.jquery.com/
82 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.1.3.min.js
Requested by
Host: propartnersgroup.top
URL: https://propartnersgroup.top//a9ze/fold/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://propartnersgroup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14960"
vary
Accept-Encoding
x-hw
1658290627.dop041.fr8.t,1658290627.cds275.fr8.hn,1658290627.cds210.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29507
jquery.syotimer.js
propartnersgroup.top/js/
10 KB
4 KB
Script
General
Full URL
https://propartnersgroup.top/js/jquery.syotimer.js
Requested by
Host: propartnersgroup.top
URL: https://propartnersgroup.top//a9ze/fold/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:84ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://propartnersgroup.top//a9ze/fold/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2621
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ddg-cache-status
MISS
last-modified
Tue, 25 Jun 2019 09:48:00 GMT
server
cloudflare
etag
W/"5d11edd0-286f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWhLJi1%2BnN9GO7SQOXYP2RbXTjdo5mh6QbhpwRxrm4n2RaeKQHZLcDlmOVz5hmJMO4NczQCfY0grBl4mp%2FoQcCBDxDjTAmsv02v%2FPmM8xF7NnfVQlT7BZgpXpibhl0YoNpOfavfMoXGzCGJgMqL5SO4xww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests;
cf-ray
72d8e2a46813bac9-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
8143.jpg
e-pays.org/i/product/814/
0
0

Primary Request /
ep.gordonblue6burgundy.xyz/
1 KB
1 KB
Document
General
Full URL
https://ep.gordonblue6burgundy.xyz/
Requested by
Host: propartnersgroup.top
URL: https://propartnersgroup.top//a9ze/fold/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ab5c8b43827e78655c61f4f06cde45fbd80a2200152ba1a7c9b27dadc224fa

Request headers

Referer
https://propartnersgroup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d8e2a509cebadf-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 04:17:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpyC9QKoOMwITtJRBsq3wx1nOd8wv0Zx5ke8JdJyX%2B0Nzek%2B7loEjxAqhWPdsIa5IFnKWhg%2BRwFNI1Ak8kg%2BSBdcwrU3RTtjtm%2FS7E3cO4KrX79HcOqAQFQdNtfaAwq2MiOB4QEGNQP%2BNI8AlIv01a5sY8EVtgFsOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.53117119e44f7af8cea70955a9d42e11.css
ep.gordonblue6burgundy.xyz/static/css/
154 KB
23 KB
Stylesheet
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
W/"62caef8a-26644"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=391kq5Vl8VGKILjVFo26aYnOYfSDhEP%2FHDOLbp7V1lOBjedy3OJhwXmUWSuDiSYHkRC%2FvAqV5iJso%2FtFRPZL7nuSlMZrPpnimQKGQYFfy4RSONQm9dzmSFwyeYSdvefW8alQUUikJFSzfKezz%2FHLwAUg1jr3A%2F42DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d8e2a62ac1ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loading_spinner2.gif
ep.gordonblue6burgundy.xyz/static/img/
16 KB
17 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/loading_spinner2.gif
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:07 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-3fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSIFBsbgRem4syqcK8ZzPJVrvH7qAq8XlTyjJ5kT2KCL%2BVxQ39aMqAtMHMZGulcE%2Bf%2BdQfpKQ4ckqXaymBxlWFm6YY2p8NRFXDG1gOHs3%2BXyFiWwTUsesfA0nvBydWKcOQsjKSUF9soxQxdCDfeqFT2ks8%2BHH2VrkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2a62ac2ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16338
manifest.2ae2e69a05c33dfc65f8.js
ep.gordonblue6burgundy.xyz/static/js/
799 B
1 KB
Script
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
W/"62caef8a-31f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvVGQnLPueKVVwDwbRP9K5E9ayqrMsEUJnTj6NIbSLkZ2oT2lhUg6w1fLc6q6s88LZ5qnqCMuMWfYcxFsD8ZYpXFJyI3f6HzhoJlS%2BTyfAoCJMd1sJWbOExOBJUIIzxwL5%2BvHffy%2FVYLoptWccytvD16vFsZSJFuBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d8e2a62ac3ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.a64cea12b36e58fc944a.js
ep.gordonblue6burgundy.xyz/static/js/
535 KB
163 KB
Script
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
W/"62caef8a-85ac4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4yVz3olYV4PA3NO4ZXBvneG97t8hN1d%2BMQZ1tsxIBk2Q%2BlsRSil91NPoef14f8OKelbZVOgPYeEOBmEqdxpgf4EhXFP2PRyTydU1C1%2BxZ6g2hYsGVcrCVvdeqNVXOT7I1UyPul06wH48S2gDyTR1Zlgy0TGou%2FzQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d8e2a62abeba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.336a4a3f9af0e9d844d4.js
ep.gordonblue6burgundy.xyz/static/js/
557 KB
98 KB
Script
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/js/app.336a4a3f9af0e9d844d4.js
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78995452a9ec4773b1827cb20dfc34fada7abb5d5a0da648c1dda943c0dc3f03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
W/"62caef8a-8b4d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLUBqpRZDU0PjVSmPt%2Bz6rut4tHPQQ2u1s7QtkZvzaYR5rUGDIKY5XHn1EXBiQQlGsPBR6P47GC8Lx7Pw13u1IHUHiobFt9fID6VlKyVVKjNN%2Bcx3ndYAaJ0HxSf%2BPVgujt28SvcliI4zgjuk7FGnWYXaXIJBIJJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d8e2a62abfba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac9d119176b20423813037296dadaedbfc00fa4efa47bf473c1ea112c22eabcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 03:50:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 04:17:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 04:17:08 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.gordonblue6burgundy.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options
nosniff
age
104803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 23:10:25 GMT
managerMessages.json
ep.gordonblue6burgundy.xyz/static/api/
2 KB
1 KB
XHR
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/api/managerMessages.json
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.gordonblue6burgundy.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
W/"7cf-5e3750d9745d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3akQnZksqVFicI%2BF%2FycX%2B8QYTOTYRr5i7tzxEybclkdzT48zUIUF7m97z8EGf7hU2C11T5fFHtcwBmTM9fThH3hZJKAaKFCwhXo8kUMbPwLUrbbywUM3Ih7%2BaEE15hwzZNhggnlqV3bb8Gq%2Fd%2FiGIddE9Is%2B%2FaEyRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
72d8e2ae19b4ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getDomain.php
ep.gordonblue6burgundy.xyz/static/php/
71 B
583 B
XHR
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/php/getDomain.php
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
8760290169c00414dbd5cc19fd03281146c7612b224ba736ca88d68994e2647b

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.gordonblue6burgundy.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLVahA2nPYWLLbntXZmew9w0%2Bk8JefnTSG3p3TxJ2OpqS%2BzOwTMX2ZohaR%2BaibUByEhCppyB5UL8bGBlt3ibIiUbkxKhlUwiYUA1iQOEql9WjCoKzh7Yny3MQn46HxdsheVLbguAG%2BvjjjE8EBPIninPdqoE9BD9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
72d8e2ae19b5ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
geo.php
ep.gordonblue6burgundy.xyz/static/php/
2 KB
1 KB
XHR
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/php/geo.php
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
4a45a90cbfd0bfd628f575aa0aab6bc7b5bba4eb654241dd9c11a9410d3ba855

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.gordonblue6burgundy.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHSWkIz3MPvUyAjAAktRfQIL2Y2iGCanVEcoBZ%2FlXPBDVT4uof85kQ%2FNuiSZ5rA1MnMZdsMSQxcqdv39hKpK7d4gz6Zx5qJaV3zIiR97rhc1zKVFghVP2ie8TQ03j%2B8vYx8nWHdKx%2BEaJxvl3lhsRcJmILqLqNxErA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
72d8e2ae19b6ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getRate.php
ep.gordonblue6burgundy.xyz/static/php/
6 B
525 B
XHR
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/php/getRate.php
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
4278be30e79631bd20a3568a7778a0d2d5b9a078ca8880b02d45119cf72c3e86

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.gordonblue6burgundy.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc0%2B1VgrXaihsbliBnme%2F9QV4PoRn74PMeO%2FFNyeo3ppakWzMX1pdeiHooyr8TscyD1Sse%2F18Ybaav3yWuS2ACFRVYLQHXHrBXNYPl9Ag9jLl9YCrlKObOxtRCdwTB%2FwCu9PGrymVOwqWdVOfxlzDTkHkitEzKzWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
72d8e2b1ece6ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loading_spinner2.gif
ep.gordonblue6burgundy.xyz/static/img/
16 KB
17 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/loading_spinner2.gif
Requested by
Host: ep.gordonblue6burgundy.xyz
URL: https://ep.gordonblue6burgundy.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16338
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-3fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxzEldfypqIwuO2Sg7i0flPfEw%2BrjGJbPRh5hxl1NifdV1DujYfeWDIciVVfL%2B8s6mbcUOjTxFhSUYZYwgHRxMB1kM0Waf%2BGQDOfHqelCYieplgd0U5CYCZhO%2BeQMlZrZzuMA8BXxJGLPEmLxgfcStGmaCZGa%2FAwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
72d8e2b1fcf7ba8b-MXP
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.gordonblue6burgundy.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 17:48:55 GMT
x-content-type-options
nosniff
age
124094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:48:55 GMT
1-checksmall.jpg
ep.gordonblue6burgundy.xyz/static/img/
17 KB
18 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/1-checksmall.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-4435"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDO%2BlQilP4MBca3cLT3jBTDJ9huCdB%2BJQpn8cyLWQZA6j83hS2D4TOVgldMzcal0OHh9Gks%2BDqYeDJ662M7%2FQArOE86taQs1sbJtaRiZJ8yOlIuTyNuu%2B3D1r9D%2FMz7n2Cgqes1iI419t%2BfywW%2BYtqfpOWtre2BDHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2b23d25ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17461
visatrio.png
ep.gordonblue6burgundy.xyz/static/img/
4 KB
5 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/visatrio.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-102f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVf5hh7RWyAuqjckRKJ1dlYwKHEYcFJaUJKQ4r2JarhkIc9YguzkHTl9PqNOwZ7dHRLmgKX1HM3GCVFKVawnkORDmp6jCySU1A%2BkuaybH%2FzAcM8UMBHjw6Py1nFS%2BJrQecPDbeMpD6vqR0ju3Ek88UallPaUIE3ZLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2b23d26ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4143
manager.png
ep.gordonblue6burgundy.xyz/static/img/
11 KB
12 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/manager.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-2c4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUOgR%2BVsE%2FtDZgGYxNn8AWvCL6bV5idN1wLd%2Bb3ZC3HauFtLMsREO3GgRKIygzU9aqLAv3fdWgzfmabz4Z6ebWWM6krdG0i9InSpgZB1VsWDuJRcbb%2BsRg0yDPNQ8W6gbG6BaKh4Ri1wRyzcZoQGdga4L0f9zuedFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2b23d27ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11342
chat.gif
ep.gordonblue6burgundy.xyz/static/img/
3 KB
3 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/chat.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-a72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZzDZOghCRPLDuTOr0hl7g3lMtn9duch2FtbGNFjmelyJ%2BD7EgKUR7vbp6UtOj0SihnU%2F5969ui5ZhyEcSPlg3mQD%2BUE%2BZEb42CSeAAUOJT8%2B6ff7%2BKA4AmIKeTBif%2BwflWnKdNq1PtLsqnss7w1gFJPBVXeD7DLMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2b23d28ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2674
waiting.gif
ep.gordonblue6burgundy.xyz/static/img/
78 KB
79 KB
Image
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/img/waiting.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.gordonblue6burgundy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-1386d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jl9jCKBIFgIhC27juwiXbgwpkDaC5i0XI0IL0LI%2B08ZaL2MVhxjMMSkSO%2Frgbhk%2BmnuTekF5EpBRgGQ5uJwhN8nEkig0ywZe7UGlW7Z%2BK7d1N0YRh0TYrOeHv4DcJ3k9hozZxafmu8GGFZUA0KgrzbPmWV5GjAaNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72d8e2b23d29ba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79981
blim.0a4a5ef.mp3
ep.gordonblue6burgundy.xyz/static/media/
94 KB
95 KB
Media
General
Full URL
https://ep.gordonblue6burgundy.xyz/static/media/blim.0a4a5ef.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15

Request headers

Referer
https://ep.gordonblue6burgundy.xyz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 20 Jul 2022 04:17:09 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jul 2022 15:26:02 GMT
server
cloudflare
etag
"62caef8a-17828"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77JJi2XxEfAmVAJ1G4Ow1Ar0lgdAvEJ9HyZq1h%2FMYL3JVlNdsAjGmJ1c%2FsOF9qUOmiBE61zqOv2uoKj9jNJ59uql3SgqQ1cBWlIpVPOCIsJaFfrvHL4Ab%2Fa9NGBNmDfuTwLad8twFr%2BkYW%2F4qxf0LBOUAenK37k8Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-96295/96296
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d8e2b23d2dba8b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
96296

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
e-pays.org
URL
https://e-pays.org/i/product/814/8143.jpg

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| webpackJsonp object| _0x5569 function| _0x5a6428 function| _0x174369 function| _0x22ff object| __core-js_shared__

4 Cookies

Domain/Path Name / Value
xn--b1aaibn3ajml.xn--p1ai/ Name: _subid
Value: 3fgb71g2icfv
xn--b1aaibn3ajml.xn--p1ai/ Name: e35a3
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM1NjRcIjoxNjU4MjkwNjI2fSxcImNhbXBhaWduc1wiOntcIjEwODRcIjoxNjU4MjkwNjI2fSxcInRpbWVcIjoxNjU4MjkwNjI2fSJ9.ADvGBU9ROic2EUbM8MhgUhnLu26LnYjjSag2O_aSePs
.propartnersgroup.top/ Name: __ddg1_
Value: ZzoIaFgSdtEkj0CEQA0r
.propartnersgroup.top/ Name: cookieID
Value: 104525

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
e-pays.org
ep.gordonblue6burgundy.xyz
fonts.googleapis.com
fonts.gstatic.com
infodomains.net
lerinywi.page.link
payold.xyz
propartnersgroup.top
xn--b1aaibn3ajml.xn--p1ai
e-pays.org
2001:4de0:ac18::1:a:1a
2606:4700:3033::ac43:84ee
2606:4700:3035::ac43:8360
2606:4700:3037::ac43:8ef1
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a06:98c1:3120::3
91.247.36.188
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
4278be30e79631bd20a3568a7778a0d2d5b9a078ca8880b02d45119cf72c3e86
45ab5c8b43827e78655c61f4f06cde45fbd80a2200152ba1a7c9b27dadc224fa
4a45a90cbfd0bfd628f575aa0aab6bc7b5bba4eb654241dd9c11a9410d3ba855
4d7be1886f5551b1d19834222d86c83b92358863bf51c58102fc8d5a7410dd51
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676
78995452a9ec4773b1827cb20dfc34fada7abb5d5a0da648c1dda943c0dc3f03
8760290169c00414dbd5cc19fd03281146c7612b224ba736ca88d68994e2647b
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ac9d119176b20423813037296dadaedbfc00fa4efa47bf473c1ea112c22eabcb
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c
e4e763b7d3e1f7bd51136ed3071cfce6d8ed247490410b908a7a64b95e8a7795
f086a142246da6c9f47477b1c1e50a1fd5221a5f1dff35d083af5d0dcb17a0c1