safe.hemetusd.org Open in urlscan Pro
2a04:4e42:4f::80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safe.hemetusd.org/
Submission: On May 22 via automatic, source certstream-suspicious (May 22nd 2022, 7:22:50 am UTC) — Scanned from DE

Summary HTTP 71 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 71 HTTP transactions. The main IP is 2a04:4e42:4f::80, located in United States and belongs to FASTLY, US. The main domain is safe.hemetusd.org.
TLS certificate: Issued by R3 on April 5th 2022. Valid for: 3 months.

This is the only time safe.hemetusd.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a04:4e42:4f::80 2a04:4e42:4f::80	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bde9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	54.149.51.88 54.149.51.88	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:224... 2600:9000:224a:c200:15:9027:e080:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:20:... 2606:4700:20::681a:c57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
5	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
71	15

18 2a04:4e42:4f::80 (United States)

ASN54113 (FASTLY, US)

safe.hemetusd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bde9 (United States)

ASN13335 (CLOUDFLARENET, US)

hemetmaster.edlioschool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.51.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-51-88.us-west-2.compute.amazonaws.com

counter.edlio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:224a:c200:15:9027:e080:93a1 (United States)

ASN16509 (AMAZON-02, US)

3.files.edl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:c57 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	hemetusd.org safe.hemetusd.org	346 KB
17	edl.io 3.files.edl.io — Cisco Umbrella Rank: 23032	7 MB
9	juicer.io assets.juicer.io — Cisco Umbrella Rank: 12429 www.juicer.io — Cisco Umbrella Rank: 17879 static.juicer.io — Cisco Umbrella Rank: 25603	172 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 translate.googleapis.com — Cisco Umbrella Rank: 997 translate-pa.googleapis.com — Cisco Umbrella Rank: 1388	88 KB
5	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 702	623 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	60 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	109 KB
2	google.com translate.google.com — Cisco Umbrella Rank: 1238 www.google.com — Cisco Umbrella Rank: 7	27 KB
1	edlio.com counter.edlio.com — Cisco Umbrella Rank: 19085	247 B
1	edlioschool.com hemetmaster.edlioschool.com	9 KB
71	11

	Domain	Requested by
18	safe.hemetusd.org	safe.hemetusd.org
17	3.files.edl.io	safe.hemetusd.org
5	pbs.twimg.com	safe.hemetusd.org
5	assets.juicer.io	safe.hemetusd.org assets.juicer.io
4	translate.googleapis.com	translate.googleapis.com safe.hemetusd.org
3	www.juicer.io	assets.juicer.io
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	translate.googleapis.com safe.hemetusd.org
2	fonts.googleapis.com	safe.hemetusd.org hemetmaster.edlioschool.com
2	www.googletagmanager.com	safe.hemetusd.org www.googletagmanager.com
1	static.juicer.io	assets.juicer.io
1	translate-pa.googleapis.com	srcdoc
1	www.google.com	safe.hemetusd.org
1	counter.edlio.com	safe.hemetusd.org
1	translate.google.com	safe.hemetusd.org
1	hemetmaster.edlioschool.com	safe.hemetusd.org
71	17

This site contains links to these domains. Also see Links.

Domain
www.hemetusd.org
www.facebook.com
twitter.com
app.healthofficeportal.com
app.sprigeo.com
4.files.edl.io
thinktogether.org
portals.hemetusd.org
www.lexiacore5.com
www.lexiapowerup.com
play.dreambox.com
www.twitter.com
t.co
hemeteducationfoundation.weebly.com
parentcenter.hemetusd.org
hemeteatfreshexpress.org
www.edlio.com

Subject Issuer	Validity	Valid
acacia.hemetusd.org R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
edlioschool.com Cloudflare Inc ECC CA-3	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.edlio.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.files.edl.io Amazon	`2021-08-06` - `2022-09-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://safe.hemetusd.org/
Frame ID: 439CA053F569B1665825B867BF291DD6
Requests: 67 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 77EB1184848B32822289B37BD0909D83
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Frame ID: 3E3E8DDC20924AB0EA6175F92ABE8BA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hemet Unified Expanded Learning Opportunities ProgramAnonymously Report Bullyingrequesttrancript

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

99 %
HTTPS

93 %
IPv6

11
Domains

17
Subdomains

15
IPs

2
Countries

8855 kB
Transfer

10329 kB
Size

6
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: http://www.hemetusd.org/
Title: District Site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hemetusd/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/SAFE_HUSD
Title: Twitter

Search URL Search Domain Scan URL

URL: https://app.healthofficeportal.com/SHM_Hemet_Unified_School_District/Portal/Login.aspx
Title: Portal

Search URL Search Domain Scan URL

URL: https://app.sprigeo.com/
Title: Anonymously Report Bullying .st0{fill:#FFFFFF;} Anonymously Report Bullying

Search URL Search Domain Scan URL

URL: https://4.files.edl.io/b9e3/08/12/21/035404-28753cab-5b22-48dd-a579-21458f0b02ca.pdf
Title: School Calendar

Search URL Search Domain Scan URL

URL: https://thinktogether.org/
Title: Think Together

Search URL Search Domain Scan URL

URL: https://portals.hemetusd.org/aeries.net/LoginParent.aspx?page=default.aspx
Title: Aeries Portal

Search URL Search Domain Scan URL

URL: https://4.files.edl.io/6d6e/06/14/21/180335-8e9fbd46-65ff-444e-9af8-4f7c97a2f9a4.pdf
Title: Program Policies 2021-2022

Search URL Search Domain Scan URL

URL: https://www.lexiacore5.com/register
Title: Lexia Core 5 Reading (TK-5)

Search URL Search Domain Scan URL

URL: https://www.lexiapowerup.com/
Title: Lexia Power-up Reading (6-8)

Search URL Search Domain Scan URL

URL: https://play.dreambox.com/
Title: Dreambox Math (TK-8)

Search URL Search Domain Scan URL

URL: https://4.files.edl.io/1c07/04/21/22/143226-40d740e9-63cd-412a-a28f-4f556b20e403.pdf
Title: Summer School and Enrichment

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=1456670&type=d&pREC_ID=1617869
Title: PRESS RELEASE: Member of Bona Fide Taxpayers' Organization and Parent/Guardian Needed for Measure X Citizens' Oversight Committee

Search URL Search Domain Scan URL

URL: http://www.twitter.com/HemetUnified
Title: Latest Posts

Search URL Search Domain Scan URL

URL: https://www.twitter.com/SAFE_HUSD
Title: SAFE Expanded Learning Program@SAFE_HUSD

Search URL Search Domain Scan URL

URL: https://twitter.com/SAFE_HUSD/status/1490843534966259712
Title: Twitter Logo

Search URL Search Domain Scan URL

URL: https://t.co/FIjPE1ca37
Title: safe.hemetusd.org

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1490843534966259712
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1490843534966259712
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/like?tweet_id=1490843534966259712
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/SAFE_HUSD/status/1455348945081622528
Title: Twitter Logo

Search URL Search Domain Scan URL

URL: https://t.co/T5IiI33kOk
Title: safe.hemetusd.org

Search URL Search Domain Scan URL

URL: https://t.co/j7PPQRW6iO
Title: forms.gle/ZMG2ZuhZJxJPrb…

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1455348945081622528
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1455348945081622528
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/like?tweet_id=1455348945081622528
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/SAFE_HUSD/status/1415408985394454529
Title: Twitter Logo

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1415408985394454529
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1415408985394454529
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/like?tweet_id=1415408985394454529
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/SAFE_HUSD/status/1402646487440363521
Title: Twitter Logo

Search URL Search Domain Scan URL

URL: https://t.co/RGC5zAqruZ
Title: safe.hemetusd.org/apps/pages/ind…

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1402646487440363521
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1402646487440363521
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/like?tweet_id=1402646487440363521
Title: Like

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=253706&type=d&pREC_ID=1321492
Title: Fast Facts

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254711&type=d&pREC_ID=595393
Title: Board Policies

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=253849&type=d&pREC_ID=2124867
Title: Board of Trustees

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/events/?id=1
Title: Board Meeting Calendar

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=255490&type=d&pREC_ID=589375
Title: Superintendents Message

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254941&type=d&pREC_ID=598259
Title: Schools

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=1205054&type=d&pREC_ID=1443636
Title: Departments

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=427971&type=d&pREC_ID=934381
Title: Hours of Operation

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254787&type=d&pREC_ID=1135567
Title: CA School Dashboard

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=260702&type=d&pREC_ID=1185697
Title: Non Discrimination

Search URL Search Domain Scan URL

URL: https://4.files.edl.io/35be/04/08/19/213958-31c34061-e4e3-448a-8ec4-13a877db9342.pdf
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254711&type=d&pREC_ID=582624
Title: Strategic Plan

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=253706&type=d&pREC_ID=1425278
Title: Facilities Survey

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254697&type=d&pREC_ID=590279
Title: Facilities Use

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=434716&type=d&pREC_ID=944801
Title: Flyer Distribution

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254697&type=d&pREC_ID=1715390
Title: HUSD Bonds

Search URL Search Domain Scan URL

URL: https://hemeteducationfoundation.weebly.com/
Title: Hemet Education Foundation

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254696&type=d&pREC_ID=581097https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254696&type=d&pREC_ID=581097
Title: Employment

Search URL Search Domain Scan URL

URL: https://parentcenter.hemetusd.org/
Title: Parent Center

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/currentyearcalendar/
Title: Current School Year Calendar

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254707&type=d&pREC_ID=601771
Title: School Boundaries

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=255491&type=d&pREC_ID=787734
Title: Bell Schedules

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/Enrollment
Title: Registration

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=255344&type=d&pREC_ID=1098901
Title: Transfer Requests

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=254961&type=d&pREC_ID=581953
Title: Academic Achievement

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=255350&type=d&pREC_ID=583108
Title: Parent Links

Search URL Search Domain Scan URL

URL: https://hemeteatfreshexpress.org/index.php?sid=0502080141390072
Title: Nutrition Services

Search URL Search Domain Scan URL

URL: https://portals.hemetusd.org/Aeries.net/LoginParent.aspx
Title: Aeries Portal

Search URL Search Domain Scan URL

URL: https://www.hemetusd.org/apps/pages/index.jsp?uREC_ID=255349&type=d&pREC_ID=598281
Title: Dress Code

Search URL Search Domain Scan URL

URL: http://www.edlio.com/
Title: Powered by Edlio

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safe.hemetusd.org/ 58 KB
20 KB 802ms
631ms Document
text/html 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.hemetusd.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

15840689e5e137605f2256cee5239d7550ccbed2b2b7051e1ea0415c0ecf4142

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .edlioadmin.com .tahquitzhs.org .hemethigh.com .hemetadultschool.org .theacademyofinnovation.org .hamiltonbobcats.net .wvhsmustangs.net .hemetusd.org .alessandrohighschool.org .westerncenteracademy.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=5, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: gzip
content-length: 19490
content-security-policy: frame-ancestors 'self' *.edlioadmin.com *.tahquitzhs.org *.hemethigh.com *.hemetadultschool.org *.theacademyofinnovation.org *.hamiltonbobcats.net *.wvhsmustangs.net *.hemetusd.org *.alessandrohighschool.org *.westerncenteracademy.com
content-type: text/html;charset=utf-8
date: Sun, 22 May 2022 07:22:42 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: Apache-Coyote/1.1
strict-transport-security: max-age=31536000
vary: Accept-Encoding, X-Device
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-device: desktop
x-edlio-pci: enabled
x-frame-options: SAMEORIGIN
x-served-by: cache-hhn4040-HHN
x-timer: S1653204162.857835,VS0,VE619
x-xss-protection: 1; mode=block

GET
H2 200 main-pack-1653059364369.css
safe.hemetusd.org/apps/shared/ 6 KB
2 KB 371ms
370ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/shared/main-pack-1653059364369.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 934a564175bf54e3edb6244ab06ef5386b55381462ae0e58fe4a281c3c300427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 1986
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:21:25 GMT
server: Apache
x-timer: S1653204163.537606,VS0,VE363
etag: "191c-5df7234950340"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.css
safe.hemetusd.org/shared/ 23 KB
3 KB 347ms
346ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/shared/main.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 83bf99817657aa945fd8f88eec0e7853fcd379971e7aea734100e3b02f78e50d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 3166
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Wed, 24 Nov 2021 18:43:52 GMT
server: Apache
x-timer: S1653204163.537885,VS0,VE340
etag: "5a78-5d18d3d514c6e"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 site-pack-1653059364369.css
safe.hemetusd.org/apps/webapps/global/public/css/ 2 KB
664 B 346ms
344ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/global/public/css/site-pack-1653059364369.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 2d4e35163a9ef1fa6be8f6c17ba39ac212250bad4f4fdf1e32186d60ef57773c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 516
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:23:22 GMT
server: Apache
x-timer: S1653204163.538127,VS0,VE338
etag: "736-5df723b8e4a80"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 temp-pack-1653059364369.css
safe.hemetusd.org/apps/webapps/global/public/css/ 874 B
481 B 357ms
356ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/global/public/css/temp-pack-1653059364369.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: accfcbc5c28aea5f181b72bff387a2991eea63b80db2aa4d32e9d212751c983f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 370
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:23:56 GMT
server: Apache
x-timer: S1653204163.539030,VS0,VE349
etag: "36a-5df723d951700"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 web_apps-pack-1653059364369.css
safe.hemetusd.org/apps/shared/ 25 KB
6 KB 355ms
354ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/shared/web_apps-pack-1653059364369.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 2906ba2ea1104b07813ccd3ed748f276bf58f186340eb9a947b0e095910677ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 5576
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:21:25 GMT
server: Apache
x-timer: S1653204163.538978,VS0,VE347
etag: "62a4-5df7234950340"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main-pack-1653059364369.css
safe.hemetusd.org/apps/webapps/features/stickybins/css/public/ 10 KB
2 KB 361ms
360ms Stylesheet
text/css 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/features/stickybins/css/public/main-pack-1653059364369.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: c0e3012ed3e9a034aeb560480f3ee388ff81c1640bf2666d6fbda02547267a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 1998
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:43:24 GMT
server: Apache
x-timer: S1653204163.539635,VS0,VE353
etag: "29be-5df7283335b00"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/css
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 common-pack-1653059364369.js Show response
safe.hemetusd.org/apps/js/common/ 7 KB
3 KB 352ms
351ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/common/common-pack-1653059364369.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: dca7e0f52eaae398943d70fe6a58e0651c58db7dee51aa054f1ee0e4ea757298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 2729
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:20:58 GMT
server: Apache
x-timer: S1653204163.539607,VS0,VE343
etag: "1bb3-5df7232f90680"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.css
hemetmaster.edlioschool.com/common_files/ 58 KB
9 KB 641ms
369ms Stylesheet
text/css 2606:4700::6812:bde9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hemetmaster.edlioschool.com/common_files/main.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:bde9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b04ddbfb5bc31f682a59d106caf364d833b9fd84e8ceebfa1dcabe9292b8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Aug 2021 22:38:27 GMT
server: cloudflare
etag: W/"e615-5c9b4dc147e19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
cf-ray: 70f3cd619840900d-FRA

GET
H2 200 list-pack.js Show response
safe.hemetusd.org/apps/js/common/ 16 KB
6 KB 9ms
8ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/common/list-pack.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 427e6c02fda890c6dc2fd2a84b544494b5e7a21973b08764976658dc43979849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
age: 13419
x-cache: HIT
x-device: desktop
content-length: 5595
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:20:57 GMT
server: Apache
x-timer: S1653204163.539587,VS0,VE1
etag: "417a-5df7232e9c440"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc7eecfc1e6298506fcee6f79d20feaaac547a4be91916cc6548d96ec5801c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK count.jsp
counter.edlio.com/ 2 B
247 B 758ms
203ms Image
image/gif 54.149.51.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.edlio.com/count.jsp?rn=5379&i=SAFAZASELP&s=/index.jsp
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.51.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-51-88.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 07:22:43 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 2
Content-Type: image/gif;charset=ISO-8859-1

GET
H2 200 205053-060683ca-d18e-49d3-ab93-4f21f8d18dac.png
3.files.edl.io/ad4a/20/10/05/ 1 MB
1 MB 722ms
656ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/ad4a/20/10/05/205053-060683ca-d18e-49d3-ab93-4f21f8d18dac.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6d6eca253ec70cae0b9fb8cab725f33fb2c9bc1ae789fad4d7dfeadb7276c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Mon, 05 Oct 2020 20:50:55 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "85fb70e18e7b279ef70c0d3e45af51a0"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''mZ0OX4Ngfkk7bze8HhREJ0UUpPIbiho6OKC19flC4kt0N0rV7609197986523289248.png
accept-ranges: bytes
content-length: 1543875
x-amz-cf-id: ZDsH9dDSfHMjEd6ZrdAW79He-2ukwP_8Hrm7B-kaDPVsPEIwft4xDA==

GET
H2 200 162818-a6040b34-a4a8-4679-bcb8-cb2bcc3c7e6d.jpg
3.files.edl.io/6cc6/19/09/03/ 147 KB
148 KB 684ms
619ms Image
image/jpeg 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/6cc6/19/09/03/162818-a6040b34-a4a8-4679-bcb8-cb2bcc3c7e6d.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff6d57e83c1bc42549229787e2965a61df8bad9c63d16a79eed4bf96dda7b0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 16:28:19 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8cc29f6e192cdd2b9c3bbd12821ed022"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename*=UTF-8''4oYeVwZ3NzmQ8EuUjGd7boVCUhDxIu8KjU8v7K0tT6s5ZSJg649810964735063027.jpg
accept-ranges: bytes
content-length: 150463
x-amz-cf-id: QwV4uCJAyH6jd5Rq2yieC9Kbi8ICGoVctKQHkSjXgzB7OeTVmuZ4JA==

GET
H2 200 163338-94f09940-cd10-4387-b444-c71c7d9af41c.jpg
3.files.edl.io/23e7/19/09/03/ 142 KB
143 KB 663ms
597ms Image
image/jpeg 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/23e7/19/09/03/163338-94f09940-cd10-4387-b444-c71c7d9af41c.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37faebbb35945ffabb286f425a9cb0a0513600075fd123c89d96c1d5264bbb58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 16:33:39 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "ad79b8f84954eef6c9f59e5ab437392d"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename*=UTF-8''2dznN7Ld7bgmr16CYZo3gBHlwAcQEBdOYCYq27G4BVB0LXEO6707371956968651846.jpg
accept-ranges: bytes
content-length: 145704
x-amz-cf-id: _mE-SBrHn7iM-5filf0vjyTn8OrMNIPxqSrQe2JGADPX9JkgxjKE4g==

GET
H2 200 embed.js Show response
assets.juicer.io/ 593 KB
133 KB 54ms
25ms Script
application/javascript 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2aeffb29fae07b734f35a5271020fad1560725e8695af7d79a5a100e36441d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70f3cd627e868fef-FRA
date: Sun, 22 May 2022 07:22:42 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 23:45:51 GMT
server: cloudflare
age: 5121
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwpLjPZTlUjL990MDjQ7YjU7wUPBMBit5FrrPbZzc2h7sIzFG5%2B85hWg%2Fx56GBAo7xkp5kZqjQ6Wxmsw4429qCn8MixbeuZ1vih2w3hH90zSjxMgQJ%2B3Zm3GJcdnVUxHmMnpnuR4r3Ix5XhG34c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

GET
H2 200 embed.css
assets.juicer.io/ 88 KB
14 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2921e0f7e573d0215da556bddd12ea978960e95845487d16952cc52f1cc6683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70f3cd62ef108fef-FRA
date: Sun, 22 May 2022 07:22:43 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 23:45:51 GMT
server: cloudflare
age: 5029
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s3nhhN6%2B2FJ8HsV3Hrt5oDFrSprUBcUcVKfNhdO0kFCf5pIDJ9DE7RwAUe5cP1vW%2FrSJ9J69BMzcDdUfsuJosIVFLDG46v%2FN7%2Bt%2FKkcypQnZG3LTfl6Kwge62vO6F6NyQNuiRW7ntfRvK3x0PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

GET
H2 200 222646-dbe3121d-47ab-49b2-9f89-8c44b7d3a923.jpg
3.files.edl.io/8c05/19/08/27/ 3 KB
3 KB 724ms
659ms Image
application/octet-stream 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/8c05/19/08/27/222646-dbe3121d-47ab-49b2-9f89-8c44b7d3a923.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9010222f4ed6f9e23f941d0b075ee1fb85c14d0ff91513590c061efe73643fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2019 22:26:47 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "ea767026ba8c54e99cdde4c03118b08c"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
content-disposition: inline; filename*=UTF-8''about.jpg
accept-ranges: bytes
content-length: 3136
x-amz-cf-id: K4eJwp3ZDkD-Go6NOArrbc38YPAbE6RB-a4iTPAIkB2opsV-s6LoAA==

GET
H2 200 222747-76d0c84d-51c4-403f-9c79-943bebbb204a.jpg
3.files.edl.io/5984/19/08/27/ 6 KB
6 KB 694ms
630ms Image
application/octet-stream 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/5984/19/08/27/222747-76d0c84d-51c4-403f-9c79-943bebbb204a.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8990f19449356a3a26d868fec05aafb4ece03ce585013e5ba4c8c37ae3ea7913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2019 22:27:48 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6e1c1c79efdebef16ace6a7560d8edbc"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
content-disposition: inline; filename*=UTF-8''community.jpg
accept-ranges: bytes
content-length: 5877
x-amz-cf-id: Un1tuELRVwE4jpzpVS3dbRJt_-BZAlUbvuY7gy_jQHB-x1YCa2pKEA==

GET
H2 200 222835-6d428937-db6d-4d09-8cde-d8c87a71a340.jpg
3.files.edl.io/6b1a/19/08/27/ 5 KB
5 KB 667ms
603ms Image
application/octet-stream 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/6b1a/19/08/27/222835-6d428937-db6d-4d09-8cde-d8c87a71a340.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2aa3ca1f97d9c38c6e7c08080fb24123fb884115e4b3d5bd394c31a612b01345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2019 22:28:37 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "574441599839ae919ae108234c18f761"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
content-disposition: inline; filename*=UTF-8''parents.jpg
accept-ranges: bytes
content-length: 4658
x-amz-cf-id: U5MLMk1c12smTHDsFNriQTq-uO0vSlUMZyocJl0uT-BFcZfjFpuUDA==

GET
H2 200 180513-dcdd6977-46e3-46ab-97b4-c2224213b0c3.jpg
3.files.edl.io/3aeb/20/09/11/ 6 KB
6 KB 658ms
658ms Image
image/jpeg 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/3aeb/20/09/11/180513-dcdd6977-46e3-46ab-97b4-c2224213b0c3.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7f8a7152926029871b42bb4381e8689e9800781c87dd788b7db1fa1728186c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Fri, 11 Sep 2020 18:05:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "553e6dcbdca8785f53fedf26ea74a225"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename*=UTF-8''z_bQAq5dQ8GI_KkUmaUlo5nu.jpg
accept-ranges: bytes
content-length: 6105
x-amz-cf-id: nr9HE6Q_b0hU55TzWiUfy-bOkOWRceXah-LElztnLjIMkppLdm1tQg==

GET
H2 200 bundle-pack-1653059364369.js Show response
safe.hemetusd.org/apps/webapps/features/stickybins/js/public/ 150 KB
48 KB 735ms
735ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/features/stickybins/js/public/bundle-pack-1653059364369.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 214f25653b216a8194130616394d48cc47fed9e36aca29ac1c3693b9c6f14be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 48726
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:29:21 GMT
server: Apache
x-timer: S1653204163.049020,VS0,VE728
etag: "257fc-5df7250f43240"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 jquery-pack-1653059364369.js Show response
safe.hemetusd.org/apps/js/jquery/1.11.0/ 106 KB
36 KB 518ms
517ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/jquery/1.11.0/jquery-pack-1653059364369.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 2331e65b6dcb28e00b2f084a217ce5d4eb75c2ce381bd175c42db9b53fc758a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-device: desktop
content-length: 37131
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:21:00 GMT
server: Apache
x-timer: S1653204163.184868,VS0,VE509
etag: "1a631-5df7233178b00"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: max-age=31536000, public, stale-if-error=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 jquery-accessibleMegaMenu.2.js Show response
safe.hemetusd.org/apps/js/common/ 51 KB
10 KB 13ms
7ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/common/jquery-accessibleMegaMenu.2.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71eae74e938f4c5eaf4d8a584932b5b5240d19c50b4e1cc40f74955f37c5c0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 13419
x-cache: HIT
x-device: desktop
content-length: 10200
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Wed, 28 Oct 2020 16:22:40 GMT
server: Apache
x-timer: S1653204163.216843,VS0,VE1
etag: "ccba-5b2bd92805400"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 slick-pack.js Show response
safe.hemetusd.org/apps/webapps/common/slick/1.8.0/ 42 KB
10 KB 15ms
9ms Script
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/common/slick/1.8.0/slick-pack.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cb65ea44523346c4406cc11964b6f82d01916647d5acdcfc223b5afe39ddbb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 13419
x-cache: HIT
x-device: desktop
content-length: 10488
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:43:22 GMT
server: Apache
x-timer: S1653204163.218266,VS0,VE1
etag: "a797-5df728314d680"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
41 KB 44ms
16ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFWJKNQ&l=edlioCorpDataLayer&gtm_auth=53ANkNZTATx5fKdCYoahug&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7afb513e42f2a40a2bb9a759c664c604bba91eb0e7b8109d49450c3d08c0ef4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41706
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Oswald|Permanent+Marker

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/shared/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e00effc2aa76186cba58a4034e492e1e8fa0b2c80bab93bec202b672cd5f4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/shared/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 07:22:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 07:22:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 07:22:42 GMT

GET
H2 200 list-pack.js
safe.hemetusd.org/apps/js/common/ 16 KB
6 KB 9ms
8ms Other
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/common/list-pack.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 427e6c02fda890c6dc2fd2a84b544494b5e7a21973b08764976658dc43979849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 13420
x-cache: HIT
x-device: desktop
content-length: 5595
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:20:57 GMT
server: Apache
x-timer: S1653204163.218858,VS0,VE0
etag: "417a-5df7232e9c440"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 css
fonts.googleapis.com/ 6 KB
872 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gentium+Basic:700|Lato:400,400i,700,700i,900|Oswald:700&display=swap

Requested by

Host: hemetmaster.edlioschool.com
URL: https://hemetmaster.edlioschool.com/common_files/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9eb7c8d76db6b3828d1845c2d48315367534721fb842c75068b1f21d5b2ad48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hemetmaster.edlioschool.com/common_files/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 07:22:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 07:22:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 07:22:43 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 46ms
8ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/d=1/rs=AN8SPfp98iDUi5XHvybbtEs4hoLD8Wbm3w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 22 May 2022 08:09:31 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpbr_sLSShuvsg4OTqYEUSu3Sx3zg/ 224 KB
76 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpbr_sLSShuvsg4OTqYEUSu3Sx3zg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/d=1/rs=AN8SPfp98iDUi5XHvybbtEs4hoLD8Wbm3w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0789605ae3291d3d3cabf6b28cb89cdc725b7ecc5d7f7324acea08cd3af58f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78062
x-xss-protection: 0
last-modified: Wed, 18 May 2022 21:12:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 May 2023 17:09:37 GMT

GET
H2 200 header_logo.png
safe.hemetusd.org/pics/ 172 KB
172 KB 1072ms
1071ms Image
image/png 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safe.hemetusd.org/pics/header_logo.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/shared/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 7a2b831106b536a97cd663f49e846714b4110d4ad431b9c5ba5d2d5481362b53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/shared/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 varnish
age: 1
x-cache: MISS
x-device: desktop
content-length: 175751
x-served-by: cache-hhn4040-HHN
last-modified: Wed, 07 Oct 2020 21:37:38 GMT
server: Apache
x-timer: S1653204163.234432,VS0,VE1064
etag: "2ae87-5b11b8649b0d3"
vary: X-Device
content-type: image/png
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gentium+Basic:700|Lato:400,400i,700,700i,900|Oswald:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safe.hemetusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 396929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:07:14 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 37ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gentium+Basic:700|Lato:400,400i,700,700i,900|Oswald:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safe.hemetusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 396929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:07:14 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v48/ 10 KB
10 KB 25ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gentium+Basic:700|Lato:400,400i,700,700i,900|Oswald:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safe.hemetusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:01:18 GMT
x-content-type-options: nosniff
age: 487285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:01:18 GMT

GET
H2 200 230855-ad55bba0-c67f-441e-b29f-475993ab1902.png
3.files.edl.io/03b6/22/03/31/ 733 KB
734 KB 32ms
31ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/03b6/22/03/31/230855-ad55bba0-c67f-441e-b29f-475993ab1902.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 040e5980e6e6cbf00d308a38df4c57806cfab6d116c1bbf86f3ed898be980985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:01:57 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 23:08:57 GMT
server: AmazonS3
age: 44447
etag: "08b6969f81b87431326e54ee48b4c05c"
x-cache: Hit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''HUSD-FF-RANCHO5.png
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 750257
x-amz-cf-id: M1YRuLzd-GPAtMeo3dybODpvzz7Icgdo9vR4zDmkeD3frf_Mfbpv5A==

GET
H2 200 192758-1880c07b-bfe0-418f-8292-485831d0e468.png
3.files.edl.io/5ed2/22/04/18/ 97 KB
97 KB 602ms
601ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/5ed2/22/04/18/192758-1880c07b-bfe0-418f-8292-485831d0e468.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc0a6ba175ccb219d1239fc01a7c2c467b45e48bdc5172fd1c493953681104a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 19:27:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "3c687b829087babbf0183fecbf4cd398"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''HUSDNewsArticles11.png
accept-ranges: bytes
content-length: 99345
x-amz-cf-id: wXIfvC3y1yuOJ926kosoUUZFpDVVWdCdSpYTiglYIMJHw569XGz_xA==

GET
H2 200 233547-ba07ebbb-aa47-497d-805b-70bef555d98f.png
3.files.edl.io/bea5/22/04/15/ 744 KB
745 KB 595ms
595ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/bea5/22/04/15/233547-ba07ebbb-aa47-497d-805b-70bef555d98f.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef06cd86acf7370fe9ebd758a744b702188d316aa2b2d34af99bcf190d7dc8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 23:35:48 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "2251a6f0642a8a87ede6c8f6ed829968"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''HUSD-FF-RANCHO6.png
accept-ranges: bytes
content-length: 761485
x-amz-cf-id: IHBANI8U_TyLZjkZyoMv5R76a_emC3Kz11D_EwDsaLpj2QSBlZyZuQ==

GET
H2 200 002301-e5d10346-278a-4170-aa74-f675252eef8c.png
3.files.edl.io/3560/22/03/19/ 1 MB
1 MB 666ms
665ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/3560/22/03/19/002301-e5d10346-278a-4170-aa74-f675252eef8c.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dff52af8c6f2fef36c82a77c9573522a2d7093f6b67a26d96dadd41cfda61791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Sat, 19 Mar 2022 00:23:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "832bf1e40fedbddcf2020edd878e5086"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''FF-Natasha.png
accept-ranges: bytes
content-length: 1102050
x-amz-cf-id: jCuY7zA61r3Fr8CiVfu8AIvKBCMFgvsSjBHMCWAlUISIUI1X9aktCg==

GET
H2 200 205302-2dcc75fa-e0ce-4a80-aba2-8b08681b9079.png
3.files.edl.io/98fe/22/02/16/ 97 KB
98 KB 661ms
660ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/98fe/22/02/16/205302-2dcc75fa-e0ce-4a80-aba2-8b08681b9079.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc0a6ba175ccb219d1239fc01a7c2c467b45e48bdc5172fd1c493953681104a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 20:53:03 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "3c687b829087babbf0183fecbf4cd398"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''HUSDNewsArticles1.png
accept-ranges: bytes
content-length: 99345
x-amz-cf-id: FjkOD2KG0lNlAio9yRvLtdtHdFT_hdrmlzhwSE-ogGlaE0yawjQpJw==

GET
H2 200 171833-4a8adf69-39a8-47b3-859b-56d76bf99de2.png
3.files.edl.io/f61a/21/11/19/ 707 KB
708 KB 640ms
639ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/f61a/21/11/19/171833-4a8adf69-39a8-47b3-859b-56d76bf99de2.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34a780ee3f3845ca892677830f2006c0b51dc5a2628cc37b6cbdc8976818e2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 17:18:34 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "fa604c6c575fc8a79554fb62019c40eb"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''Ramonacopy.png
accept-ranges: bytes
content-length: 724025
x-amz-cf-id: Y-hodC7EE-89B8lszBDfUlYGTBGvLl-NYwGDwqpPRw2qQbUA431a7g==

GET
H2 200 193422-0d8cdc53-e7a0-47b4-97fe-eff619580636.png
3.files.edl.io/cc1e/21/11/16/ 784 KB
785 KB 730ms
729ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/cc1e/21/11/16/193422-0d8cdc53-e7a0-47b4-97fe-eff619580636.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e1cc5e7fc34f4e07716f815d760766175a5f784620436731de1f1dca9c4df48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 19:34:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "e413575ac92703f426522db5e61b96ad"
x-cache: Miss from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''scottpayneinfrontofHUSDlogo.png
accept-ranges: bytes
content-length: 802832
x-amz-cf-id: QDioD7ws9qKE7XjgEXBIW5qHzvk7_WERZ3aG23uQSXC0BNL5y5NVsQ==

GET
H2 200 003822-7fb817ad-eaa1-4f6e-9e22-42eac543940c.jpg
3.files.edl.io/c6b4/21/09/29/ 75 KB
76 KB 672ms
671ms Image
image/jpeg 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/c6b4/21/09/29/003822-7fb817ad-eaa1-4f6e-9e22-42eac543940c.jpg
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb26564dacad340da7554fb80cfcfcb7656aeb6a6942dbf8572f648462638fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 00:38:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "e759612f27eec5035b757c9e7904593e"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename*=UTF-8''SAFEOct22EnrichmentDay_Page_1.jpg
accept-ranges: bytes
content-length: 77256
x-amz-cf-id: d2nmqYPLpts3Br7PVh_4bQ4ObLcQM1RmfN6Az78grf63a9HiynHgww==

GET
H2 200 175844-8a37d14e-95af-4d68-b4b1-59e15e260b18.png
3.files.edl.io/18a2/21/09/27/ 701 KB
703 KB 605ms
605ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/18a2/21/09/27/175844-8a37d14e-95af-4d68-b4b1-59e15e260b18.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13623957d2d722ea75e4f934c05d1bc6e61c6f0335e23c96db57517aa431b0ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 17:58:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "ca1c2bd449f3f78cf1c6a60d8a969af5"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''HUSDNewsArticles2.png
accept-ranges: bytes
content-length: 718220
x-amz-cf-id: KUrBMMVfUMOytkZLOy8UF9TkfWS5ZoUMWSWoH9x4MdbESgVnLuvQ-Q==

GET
H2 200 161021-445f7715-f562-4037-b008-1fa84b42f05a.png
3.files.edl.io/434f/21/09/10/ 554 KB
555 KB 661ms
661ms Image
image/png 2600:9000:224a:c200:15:9027:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.files.edl.io/434f/21/09/10/161021-445f7715-f562-4037-b008-1fa84b42f05a.png
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c200:15:9027:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae3ca739a54a482b924d51c15994d4d3dab8d7b97724cb4d1497addc070f1970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 16:10:22 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "e53c5d8d7c96dfcfaedcd6c17e149f1c"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-disposition: inline; filename*=UTF-8''Faculty5.png
accept-ranges: bytes
content-length: 566925
x-amz-cf-id: jRkA6jcmfj3z26gyKlzeshyqOsJ04Wza6IY75cv12kwSM3EaJmTyMw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 33ms
16ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SFNLCEMN54&l=edlioCorpDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJKNQ&l=edlioCorpDataLayer&gtm_auth=53ANkNZTATx5fKdCYoahug&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52fa2f74196c0f2a8d4ef144ebe2f038b5987ad6c99bde16cfd560a66d512d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69610
x-xss-protection: 0
expires: Sun, 22 May 2022 07:22:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJKNQ&l=edlioCorpDataLayer&gtm_auth=53ANkNZTATx5fKdCYoahug&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3815
date: Sun, 22 May 2022 06:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 08:19:08 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=377518118&t=pageview&_s=1&dl=https%3A%2F%2Fsafe.hemetusd.org%2F&ul=en-us&de=UTF-8&dt=Hemet%20Unified%20Expanded%20Learning%20Opportunities%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=433950091&gjid=927705200&cid=1103058797.1653204162&tid=UA-159957301-7&_gid=1144217156.1653204162&_r=1&gtm=2wg5b0KFWJKNQ&cd1=DWS%20Child&cd2=0010b00002PhOGuAAN&cd3=Expanded%20Learning%20Opportunities%20Program&cd4=SAFAZASELP&cd5=0010b00002HIiFcAAL&cd6=Hemet%20Unified%20School%20District&cd7=HEMET-D&z=465217376

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://safe.hemetusd.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:22:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://safe.hemetusd.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SFNLCEMN54&gtm=2oe5b0&_p=377518118&_z=ccd.tbB&cid=1103058797.1653204162&ul=en-us&sr=1600x1200&_s=1&sid=1653204162&sct=1&seg=0&dl=https%3A%2F%2Fsafe.hemetusd.org%2F&dt=Hemet%20Unified%20Expanded%20Learning%20Opportunities%20Program&en=page_view&_fv=1&_ss=1&ep.CustomerType=DWS%20Child&ep.AccountExternalId=0010b00002PhOGuAAN&ep.WebsiteName=Expanded%20Learning%20Opportunities%20Program&ep.WebsiteId=SAFAZASELP&ep.DistrictExternalId=0010b00002HIiFcAAL&ep.DistrictName=Hemet%20Unified%20School%20District&ep.DistrictWebsiteId=HEMET-D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SFNLCEMN54&l=edlioCorpDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:22:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://safe.hemetusd.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 template Show response
safe.hemetusd.org/apps/pagewidget/ 3 B
721 B 375ms
374ms XHR
text/plain 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.hemetusd.org/apps/pagewidget/template?1653204162782

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/apps/webapps/features/stickybins/js/public/bundle-pack-1653059364369.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .edlioadmin.com .tahquitzhs.org .hemethigh.com .hemetadultschool.org .theacademyofinnovation.org .hamiltonbobcats.net .wvhsmustangs.net .hemetusd.org .alessandrohighschool.org .westerncenteracademy.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://safe.hemetusd.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.edlioadmin.com *.tahquitzhs.org *.hemethigh.com *.hemetadultschool.org *.theacademyofinnovation.org *.hamiltonbobcats.net *.wvhsmustangs.net *.hemetusd.org *.alessandrohighschool.org *.westerncenteracademy.com
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
x-device: desktop
vary: X-Device
content-length: 3
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4040-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: Apache-Coyote/1.1
x-timer: S1653204164.825263,VS0,VE367
x-frame-options: SAMEORIGIN
date: Sun, 22 May 2022 07:22:44 GMT
strict-transport-security: max-age=31536000
content-type: text/plain;charset=UTF-8
x-edlio-pci: enabled
cache-control: public, max-age=5, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 jquery-accessibleMegaMenu.2.js
safe.hemetusd.org/apps/js/common/ 51 KB
10 KB 9ms
8ms Other
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/js/common/jquery-accessibleMegaMenu.2.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71eae74e938f4c5eaf4d8a584932b5b5240d19c50b4e1cc40f74955f37c5c0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 13420
x-cache: HIT
x-device: desktop
content-length: 10200
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Wed, 28 Oct 2020 16:22:40 GMT
server: Apache
x-timer: S1653204164.841063,VS0,VE0
etag: "ccba-5b2bd92805400"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 slick-pack.js
safe.hemetusd.org/apps/webapps/common/slick/1.8.0/ 42 KB
10 KB 9ms
9ms Other
text/javascript 2a04:4e42:4f::80
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.hemetusd.org/apps/webapps/common/slick/1.8.0/slick-pack.js
Requested by: Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4f::80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cb65ea44523346c4406cc11964b6f82d01916647d5acdcfc223b5afe39ddbb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:43 GMT
content-encoding: gzip
age: 13420
x-cache: HIT
x-device: desktop
content-length: 10488
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 20 May 2022 14:43:22 GMT
server: Apache
x-timer: S1653204164.841017,VS0,VE0
etag: "a797-5df728314d680"
vary: Accept-Encoding,User-Agent, X-Device
content-type: text/javascript
x-edlio-pci: enabled
cache-control: public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 safe-hemetusd-org Show response
www.juicer.io/api/feeds/ 10 KB
3 KB 678ms
423ms XHR
application/json 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/feeds/safe-hemetusd-org?per=4&page=1&truncate=500

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e3940f6fef269d2a7c9fb87cbe37022ea4333801920d25ca4c841fd6f78bd75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://safe.hemetusd.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 70f3cd69e88b902a-FRA
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-encoding: br
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: a732436e-7b80-45a7-85e3-1cae526c66b1
x-runtime: 0.015676
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 16 May 2022 19:53:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1VQ49kf%2FXP%2FhLaTv8xo%2Fa1H7pNaPnS%2B8UEiO6OPoI3ZVWCSTZuWYBFvDHQRgXtT%2FSOZkQU%2Fg8slrBw7dDGUeKOMDV4%2FmnghAfqfQIHbT8rcDYVVLFDLh7rk8flWEvSULeTkboWcG1TXt%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=300, public, stale-while-revalidate=30, stale-if-error=86400
content-type: application/json; charset=utf-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 282ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:11:43 GMT
x-content-type-options: nosniff
age: 661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 07:11:43 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 77EB 18 KB
3 KB 308ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpbr_sLSShuvsg4OTqYEUSu3Sx3zg/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 22 May 2022 08:09:31 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 279ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:20:05 GMT
x-content-type-options: nosniff
age: 159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 07:20:05 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
598 B 289ms
16ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame 3E3E 14 KB
2 KB 251ms
244ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Sun, 22 May 2022 07:22:44 GMT

GET
H3 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 9ms
8ms Image
image/gif 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:21:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 331300
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 18 May 2023 11:21:04 GMT

OPTIONS
H2 200 page_views
www.juicer.io/api/ Frame 0
0 406ms
406ms Preflight 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.juicer.io/api/page_views
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://safe.hemetusd.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 70f3cd6cfdab902a-FRA
date: Sun, 22 May 2022 07:22:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWH3NVzmjm1lNSb36QC3agRz%2Bf32ivHaPvFmwUc8C7hIM7w68yrjEQRoh0ckNP8%2FCyA2iLgnJzL3dbvxMueI1uc6%2FK2V4RKLB62qZPyLivURO%2B37MM7edxft7nQ%2BIsHQsr9CwLQ4pMqA%2FFA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur

GET
H2 200 twitter-reply-gray.png
assets.juicer.io/standalone-sprites/ 4 KB
4 KB 15ms
14ms Image
image/png 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.juicer.io/standalone-sprites/twitter-reply-gray.png
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13df2db25ab8006aeeff282466450bec322ff4e2dd864f3be67c5ffca84dcb16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.juicer.io/embed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 23:44:39 GMT
server: cloudflare
age: 2936
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTra7Qs9I%2Fw7Dqy20NQbb3wF0S6IzIvMrK8YMyOHx24jcMNCZCQYYaLBmKzktiUnRulCMbxsDb%2Bn%2B%2B9pIFEqvRD0WITxfXt4iWMRm%2B59OoE64E9UyQIz9NMh0rfFNqd%2Bd3%2B9EZSkqxYCcPvGn7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70f3cd6cbb788fef-FRA
content-length: 3983

GET
H2 200 twitter-retweet-gray.png
assets.juicer.io/standalone-sprites/ 4 KB
4 KB 17ms
16ms Image
image/png 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.juicer.io/standalone-sprites/twitter-retweet-gray.png
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f64104d9bc81f872684a6f0ef2d537c0c751dd96d0b442d1a1cbd156e2f749d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.juicer.io/embed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 23:44:39 GMT
server: cloudflare
age: 3649
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6e4CbWcr0bga8pj9OYj8aNgPu5%2FLjRe9bKG39e8eF3TkhKd9K7ZaWoqTsaUqT8jwiYri0fYpyctnFVBmf9cAWJ29G2HTpazmwsB4ZzOAuLXCFwoLpG5vtFBLlurw4z9o05ay0DJ9gY%2BR3Jc79E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70f3cd6cbb7a8fef-FRA
content-length: 3890

GET
H2 200 twitter-like-gray.png
assets.juicer.io/standalone-sprites/ 4 KB
4 KB 16ms
15ms Image
image/png 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.juicer.io/standalone-sprites/twitter-like-gray.png
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3611e46d1bb16424f0437004fa9be3c09b4feaf54b30ecde1aa25dbcef97ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.juicer.io/embed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 23:44:39 GMT
server: cloudflare
age: 2936
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgoR4a1%2BXXr7OJtjf9q0Yy2yp4qWJBSasXgLP%2FjoSN%2F5n%2BmJZ0ezVpFKdtJSNEN3H6G11I14cGVvVADod5F0N9f4zPB372aho404VGbj1MKdRUpt%2BDWaz6muQp47WQe0ymOe6sQXPeebxSMkTvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70f3cd6cbb7b8fef-FRA
content-length: 3794

GET
H2 200 fontawesome-5-juicer.woff2
static.juicer.io/fonts/ 9 KB
9 KB 123ms
112ms Font
application/font-woff2 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.juicer.io/fonts/fontawesome-5-juicer.woff2?80004225
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b129ac4b4a639e3acb13e146ca1e5f7367b31c4c7f26c8dd499ade9864e12b10

Request headers

Referer: https://assets.juicer.io/
Origin: https://safe.hemetusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-length: 9116
last-modified: Thu, 19 May 2022 23:44:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAXTjdlrJu7Dnal7cnlpTD%2FqFngFH72CNuDAg3aKGelW3JkvQ1Y9CxCgUDQTNBN86Hyx2hnpz34gMiggOMcR%2FA2fdNbyS3A%2BQL1%2Flm1IkJFqBjs9008SCi9unyeEssqEUNoERgOM9VL9PtPKCbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 70f3cd6ccd51902a-FRA

POST
H2 200 page_views Show response
www.juicer.io/api/ 0
352 B 118ms
118ms XHR
application/json 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/page_views

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://safe.hemetusd.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 May 2022 07:22:45 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 70f3cd6f89ad902a-FRA
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-encoding: br
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: c604566c-881b-4898-bb9d-b7f1720ae6a4
x-runtime: 0.005561
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOTR2DWxcAfeStCu4oNEQXk3DsCK3QVlQFHPOZ3s%2FEiEwpkgQtuTSDPSQzne9a63CB8UIafB0S7%2Bmzo8LUgGbLKn4%2BeZB%2FvUUeUDRzPczEqhr7u6d85ZVD%2F3kukPtQjfZaC923OnM8w9T%2B4%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json

GET
H2 200 6TVhZPYH_normal.jpg
pbs.twimg.com/profile_images/1295777564980477952/ 2 KB
3 KB 54ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1295777564980477952/6TVhZPYH_normal.jpg

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

6d6fd9b4fc39b360fda0842631bbe22d573deab8df1dcdafd1abfb16b688231e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
age: 98944
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2415
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/4 profile_images/1295777564980477952
last-modified: Tue, 18 Aug 2020 17:38:20 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8b73dc2525e9290ddfeac6d9bf71708dfe2719032b3462cde5b74a423fd33ca8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FLCJ_IJVQAEBtWR.jpg
pbs.twimg.com/media/ 149 KB
149 KB 55ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FLCJ_IJVQAEBtWR.jpg

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

fd1ff9e9766612e9447877f7d44f4e5b6361d0b9378f62526ef83702c9bfc66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
age: 98944
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 152343
x-response-time: 342
surrogate-key: media media/bucket/2 media/1490843194271023105
last-modified: Tue, 08 Feb 2022 00:19:30 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f5a658e67f773b7cee2be59cab913ad424ba89ebc0e7fea567bc2c04c321357
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FDJwIZ6VEAEq_-Y.jpg
pbs.twimg.com/media/ 215 KB
215 KB 69ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FDJwIZ6VEAEq_-Y.jpg

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

6676a0161f99274a5988b040fcfba6b77bbf0d1eca3023e9a515940d640d5453

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
age: 98944
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 220347
x-response-time: 440
surrogate-key: media media/bucket/0 media/1455348919290892289
last-modified: Tue, 02 Nov 2021 01:37:56 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d2a8b2ea533889d24670a38f89e59e7310d00642e7d58c0708342c87d2ad505e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E6SKKeEVEAIu4O4.jpg
pbs.twimg.com/media/ 142 KB
142 KB 69ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E6SKKeEVEAIu4O4.jpg

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

a8ef6424d1d1b924af9a6119066ef57c5cb016d141024b7b2e0f07f9aebd3150

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
age: 98944
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 145492
x-response-time: 444
surrogate-key: media media/bucket/6 media/1415408095375724546
last-modified: Wed, 14 Jul 2021 20:27:21 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f0a773d9e8afd41ba397a48c63c9e2acb9dc3ad85d4ababf33c660b48b1e297e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E3czioIUUAM7ARO.jpg
pbs.twimg.com/media/ 113 KB
113 KB 69ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E3czioIUUAM7ARO.jpg

Requested by

Host: safe.hemetusd.org
URL: https://safe.hemetusd.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

3496ce0fb77da70ea7ab2b34f739cf55f9ceee65f94e07b2cc6387d14e387719

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safe.hemetusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:22:44 GMT
x-content-type-options: nosniff
age: 98944
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 115479
x-response-time: 391
surrogate-key: media media/bucket/5 media/1402646478930071555
last-modified: Wed, 09 Jun 2021 15:17:15 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 66bf5198a18f44bead2bc2ca14d4d77224a1c3e84ad9077767079e9407f184ed
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hemetusd.org/	1970-01-20 03:14:50	Name: _gid Value: GA1.2.1144217156.1653204162
.hemetusd.org/	1970-01-20 03:13:24	Name: _gat_UA-159957301-7 Value: 1
.hemetusd.org/	1970-01-20 20:44:36	Name: _ga_SFNLCEMN54 Value: GS1.1.1653204162.1.0.1653204162.0
.hemetusd.org/	1970-01-20 20:44:36	Name: _ga Value: GA1.1.1103058797.1653204162
safe.hemetusd.org/	1970-01-20 11:59:00	Name: ENUnique Value: 0.40797740839005014
safe.hemetusd.org/	1970-01-20 11:59:00	Name: CUID Value: c948b04270514f5a9de034eb135e63af

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .edlioadmin.com .tahquitzhs.org .hemethigh.com .hemetadultschool.org .theacademyofinnovation.org .hamiltonbobcats.net .wvhsmustangs.net .hemetusd.org .alessandrohighschool.org .westerncenteracademy.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.files.edl.io
assets.juicer.io
counter.edlio.com
fonts.googleapis.com
fonts.gstatic.com
hemetmaster.edlioschool.com
pbs.twimg.com
safe.hemetusd.org
static.juicer.io
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.juicer.io
2600:9000:224a:c200:15:9027:e080:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:20::681a:c57
2606:4700::6812:bde9
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a04:4e42:4f::80
54.149.51.88
040e5980e6e6cbf00d308a38df4c57806cfab6d116c1bbf86f3ed898be980985
0789605ae3291d3d3cabf6b28cb89cdc725b7ecc5d7f7324acea08cd3af58f9a
0e1cc5e7fc34f4e07716f815d760766175a5f784620436731de1f1dca9c4df48
0f64104d9bc81f872684a6f0ef2d537c0c751dd96d0b442d1a1cbd156e2f749d
13623957d2d722ea75e4f934c05d1bc6e61c6f0335e23c96db57517aa431b0ba
13df2db25ab8006aeeff282466450bec322ff4e2dd864f3be67c5ffca84dcb16
15840689e5e137605f2256cee5239d7550ccbed2b2b7051e1ea0415c0ecf4142
20b04ddbfb5bc31f682a59d106caf364d833b9fd84e8ceebfa1dcabe9292b8dc
214f25653b216a8194130616394d48cc47fed9e36aca29ac1c3693b9c6f14be1
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
2331e65b6dcb28e00b2f084a217ce5d4eb75c2ce381bd175c42db9b53fc758a3
2906ba2ea1104b07813ccd3ed748f276bf58f186340eb9a947b0e095910677ea
2aa3ca1f97d9c38c6e7c08080fb24123fb884115e4b3d5bd394c31a612b01345
2bc7eecfc1e6298506fcee6f79d20feaaac547a4be91916cc6548d96ec5801c4
2d4e35163a9ef1fa6be8f6c17ba39ac212250bad4f4fdf1e32186d60ef57773c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3940f6fef269d2a7c9fb87cbe37022ea4333801920d25ca4c841fd6f78bd75
3496ce0fb77da70ea7ab2b34f739cf55f9ceee65f94e07b2cc6387d14e387719
34a780ee3f3845ca892677830f2006c0b51dc5a2628cc37b6cbdc8976818e2ea
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37faebbb35945ffabb286f425a9cb0a0513600075fd123c89d96c1d5264bbb58
427e6c02fda890c6dc2fd2a84b544494b5e7a21973b08764976658dc43979849
4cb65ea44523346c4406cc11964b6f82d01916647d5acdcfc223b5afe39ddbb5
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
52fa2f74196c0f2a8d4ef144ebe2f038b5987ad6c99bde16cfd560a66d512d59
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
6676a0161f99274a5988b040fcfba6b77bbf0d1eca3023e9a515940d640d5453
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6fd9b4fc39b360fda0842631bbe22d573deab8df1dcdafd1abfb16b688231e
6e00effc2aa76186cba58a4034e492e1e8fa0b2c80bab93bec202b672cd5f4a5
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
71eae74e938f4c5eaf4d8a584932b5b5240d19c50b4e1cc40f74955f37c5c0e6
7a2b831106b536a97cd663f49e846714b4110d4ad431b9c5ba5d2d5481362b53
7afb513e42f2a40a2bb9a759c664c604bba91eb0e7b8109d49450c3d08c0ef4d
83bf99817657aa945fd8f88eec0e7853fcd379971e7aea734100e3b02f78e50d
8990f19449356a3a26d868fec05aafb4ece03ce585013e5ba4c8c37ae3ea7913
9010222f4ed6f9e23f941d0b075ee1fb85c14d0ff91513590c061efe73643fc7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
934a564175bf54e3edb6244ab06ef5386b55381462ae0e58fe4a281c3c300427
9eb7c8d76db6b3828d1845c2d48315367534721fb842c75068b1f21d5b2ad48a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7f8a7152926029871b42bb4381e8689e9800781c87dd788b7db1fa1728186c4
a8ef6424d1d1b924af9a6119066ef57c5cb016d141024b7b2e0f07f9aebd3150
accfcbc5c28aea5f181b72bff387a2991eea63b80db2aa4d32e9d212751c983f
ae3ca739a54a482b924d51c15994d4d3dab8d7b97724cb4d1497addc070f1970
b129ac4b4a639e3acb13e146ca1e5f7367b31c4c7f26c8dd499ade9864e12b10
b2921e0f7e573d0215da556bddd12ea978960e95845487d16952cc52f1cc6683
b6d6eca253ec70cae0b9fb8cab725f33fb2c9bc1ae789fad4d7dfeadb7276c6d
bdc0a6ba175ccb219d1239fc01a7c2c467b45e48bdc5172fd1c493953681104a
c0e3012ed3e9a034aeb560480f3ee388ff81c1640bf2666d6fbda02547267a0a
c2aeffb29fae07b734f35a5271020fad1560725e8695af7d79a5a100e36441d8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d4e2132966d8c8c3b62d0e3a63e28a22105e02e50ad2690f9f9252d2e20904a4
dca7e0f52eaae398943d70fe6a58e0651c58db7dee51aa054f1ee0e4ea757298
dff52af8c6f2fef36c82a77c9573522a2d7093f6b67a26d96dadd41cfda61791
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef06cd86acf7370fe9ebd758a744b702188d316aa2b2d34af99bcf190d7dc8e9
f3611e46d1bb16424f0437004fa9be3c09b4feaf54b30ecde1aa25dbcef97ffc
fb26564dacad340da7554fb80cfcfcb7656aeb6a6942dbf8572f648462638fe2
fd1ff9e9766612e9447877f7d44f4e5b6361d0b9378f62526ef83702c9bfc66a
ff6d57e83c1bc42549229787e2965a61df8bad9c63d16a79eed4bf96dda7b0ee

safe.hemetusd.org Open in urlscan Pro 2a04:4e42:4f::80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

99 %HTTPS

93 %IPv6

11 Domains

17 Subdomains

15 IPs

2 Countries

8855 kBTransfer

10329 kBSize

6 Cookies

66 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safe.hemetusd.org Open in urlscan Pro
2a04:4e42:4f::80 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

99 %
HTTPS

93 %
IPv6

11
Domains

17
Subdomains

15
IPs

2
Countries

8855 kB
Transfer

10329 kB
Size

6
Cookies

71 HTTP transactions
-1 data transactions