Report - icsv.miningwithprinciples.com/

Report Overview

Submitted URL
icsv.miningwithprinciples.com/
IP
217.70.186.113
ASN
#29169 GANDI SAS
Submitted
2022-11-22 15:24:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	624 B	143.204.55.84
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	8.7 kB	151.101.85.229
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	21 kB	142.250.74.174
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	69 kB	143.204.55.68
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.165
ws38.hotjar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	574 B	250 B	108.128.36.21
in.hotjar.com	1746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	512 B	287 B	54.78.147.197
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	31 kB	142.250.74.170
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	1.7 kB	143.204.55.101
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	44 kB	142.250.74.168
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	948 B	30 kB	104.18.10.207
vc.hotjar.io	2334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	368 B	54.230.111.91
icsv.miningwithprinciples.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	5.4 MB	217.70.186.113
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-22	medium	icsv.miningwithprinciples.com/	Phishing
2022-11-22	medium	icsv.miningwithprinciples.com/	Phishing
2022-11-22	medium	icsv.miningwithprinciples.com/wp-content/themes/custom/images/ICMM_VL_C_RGB.svg	Phishing
2022-11-22	medium	icsv.miningwithprinciples.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5	Phishing
2022-11-22	medium	icsv.miningwithprinciples.com/wp-content/themes/custom/fonts/311AF8_3_0.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	icsv.miningwithprinciples.com/	390 B	2023-03-11	2023-03-11
Pretty URL icsv.miningwithprinciples.com/ IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 54b8964f9bcd650c975020c4f742b306 ab91eda88ffba2c98e95d75f120062b2520ea49d 4d2da4f2081981d45de5e0d081093b265e8b4aa2d1a97d4f5ea6dfca9c9c132e Loading...

	icsv.miningwithprinciples.com/	162 B	2023-03-11	2023-03-11
Pretty URL icsv.miningwithprinciples.com/ IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 25f28426f29901af7ce3380e91e0ddfb 9303e502933c8cef22a7e9c60ec6718abaad226e 2c656720ef4db95fba12500ff11011466bb71e3857d2e9aa55b63b433cece430 Loading...

	www.googletagmanager.com/gtag/js?id=UA-155229377-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-155229377-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 6c457c033c69f179239220d793978620 0bddd72065e524f867621e2272409d44f465e825 3bcdd7390e33f13998c3cfd68b3994f7b17d693a2c89b256d3ec69cbacc13ac3 Loading...

	icsv.miningwithprinciples.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5	18 kB	2023-03-07	2024-04-19
Pretty URL icsv.miningwithprinciples.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:25 Times Seen12561 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	static.hotjar.com/c/hotjar-1831193.js?sv=6	4.5 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-1831193.js?sv=6 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 53c538ad151857f17288cc0e2853b2da 3ec2c7b7b6438923eeb5ff760bb7e5567626cbde 482fd47012ea9c916542dbbd5a3189a01e79c98633c33186fb94759f73492d56 Loading...

	cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js	24 kB	2023-03-07	2024-04-20
Pretty URL cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:28 Last Seen2024-04-20 00:16:23 Times Seen1020 Hash f130375f5935e8f531768329cd08b017 cfaa31dc173d29c6f4950778ccc5cb3b1a913396 7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 23:22:10 Times Seen263026 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	icsv.miningwithprinciples.com/	2.2 kB	2023-03-11	2023-03-11
Pretty URL icsv.miningwithprinciples.com/ IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 092ba30f3cb9f2e812f2f048f93278f2 b50978611e1093b730118e2289dceeb8cdc89c73 aa04e7d1452bbba7fcc0ad58e707938babbc2756c61d6edfa1696c3cb562de59 Loading...

	icsv.miningwithprinciples.com/	148 B	2023-03-11	2023-03-11
Pretty URL icsv.miningwithprinciples.com/ IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash 5f1f9e7ec2f2d44fc6e4cd7274140bfc 05e5ae003ae62e77011943beaccd9237b1fa4702 1df762df48b0d5fa960aad793139d70c4dfb08933ea1eaad878da35c0704bc56 Loading...

	icsv.miningwithprinciples.com/	314 B	2023-03-11	2023-03-11
Pretty URL icsv.miningwithprinciples.com/ IP 217.70.186.113 ASN #29169 GANDI SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:45:02 Last Seen2023-03-11 15:45:02 Times Seen1 Hash def93dcf7f3ea5de92690aa4947fbb5e 8a71084d4d87bf1204c2ecd00dab9efa392343a1 dcf5b334aa5dbb59024e03cf0e3f972a4f3d8c144c1468c2ecd29b26e1b5ba75 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html	2.3 kB	2023-03-10	2023-03-17
Pretty URL vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html IP 143.204.55.101 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:23:49 Last Seen2023-03-17 21:22:49 Times Seen1 Hash 34086a2f3d61b9a459a6141d1343ece0 ae09be0d58acca43ea80769df13cbbfea21a9ccb f639e1347dd440a977783f03b6524b2deda7b39daa1060b3519c64c337c6ae55 Loading...

HTTP Transactions (52)

URL IP Response Size

icsv.miningwithprinciples.com/

217.70.186.113

301 Moved Permanently

0 B

URL HTTP/1.1
icsv.miningwithprinciples.com/
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Nov 2022 15:23:55 GMT
Server: Varnish
Location: https://icsv.miningwithprinciples.com/
Content-Length: 0
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7254
Expires: Tue, 22 Nov 2022 17:24:49 GMT
Date: Tue, 22 Nov 2022 15:23:55 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 989
Cache-Control: max-age=156229
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:55 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 10:47:44 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 15:09:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 872
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4392
Expires: Tue, 22 Nov 2022 16:37:07 GMT
Date: Tue, 22 Nov 2022 15:23:55 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: KLE+fwcVFL98TkfMGn6ZtRzuMcBWdcwwQFZvbSrHE4/C4NQ/f2WASdYl2WmeN55oNGUfxnDVk40=
x-amz-request-id: 97Z643DZTGXAK8Z5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 14:39:35 GMT
age: 2660
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 15:23:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/

217.70.186.113

200 OK

5.2 kB

URL HTTP/2
icsv.miningwithprinciples.com/
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (8047)
Size
5.2 kB (5155 bytes)
Hash
f1588b55015e57cd340fefa03d838544
888944ea1cb9401408a429a791db352d5f60b5ed
c99e95a7f0cf23ead66b9820eb344309840e087c63e4eeb9cd16bca33fa3feaf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:51 GMT
server: Apache
x-powered-by: PHP/7.4.25
link: <https://icsv.miningwithprinciples.com/wp-json/>; rel="https://api.w.org/", <https://icsv.miningwithprinciples.com/wp-json/wp/v2/pages/14912>; rel="alternate"; type="application/json", <https://icsv.miningwithprinciples.com/>; rel=shortlink
content-encoding: gzip
content-length: 5155
content-type: text/html; charset=UTF-8
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
vary: Accept-Encoding
x-cache-hits: 3
x-cache: HIT
accept-ranges: bytes
age: 4
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/themes/custom/style.css

217.70.186.113

200 OK

4.3 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/themes/custom/style.css
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
ASCII text
Size
4.3 kB (4326 bytes)
Hash
0f9c9900535789823c8e7c7d69f1646f
76adaa75b467557b41c3f3720dba566e31692cf0
ac29c9ca177544c0cdefef0c692e34ed2aa772418932d482f8baf5f1b9bc58dc

HTTP Headers

GET /wp-content/themes/custom/style.css HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Tue, 02 Jun 2020 01:13:35 GMT
etag: "535c-5a70f9edc6862-gzip"
content-encoding: gzip
content-length: 4326
content-type: text/css
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
vary: Accept-Encoding
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/themes/custom/images/ICMM_VL_C_RGB.svg

217.70.186.113

200 OK

3.0 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/themes/custom/images/ICMM_VL_C_RGB.svg
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.0 kB (2983 bytes)
Hash
5f11021997202cb833188b2e3c6c4e64
4e5706d7b08804ba5631cb97fd02aa72c994f2a7
8f0867267ec8bd30339c2934c26c20d0c7f10a80e895b8e0e797b7bd3d493ea1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/custom/images/ICMM_VL_C_RGB.svg HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Sat, 26 Oct 2019 22:09:36 GMT
etag: "298c-595d785a1623a-gzip"
content-encoding: gzip
content-length: 2983
content-type: image/svg+xml
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
vary: Accept-Encoding
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Last-Modified: Tue, 22 Nov 2022 14:15:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css

151.101.85.229

200 OK

1.1 kB

URL HTTP/2
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
1.1 kB (1120 bytes)
Hash
68760c9babfe3ad5f6f4b3507194a236
f5308cff25f8bc5e02203de789f79724afe431ab
98b308dad1eb2fc50e7d452f451822f275b47ec8655c3c5b05cd8e32930fca52

HTTP Headers

GET /bxslider/4.2.12/jquery.bxslider.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"f5e-9CY+ZfG2D1tXr+G8dDrQnwbBEmY"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 15:23:56 GMT
age: 17996888
x-served-by: cache-fra19137-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1120
X-Firefox-Spdy: h2

cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js

151.101.85.229

200 OK

6.1 kB

URL HTTP/2
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (23355)
Size
6.1 kB (6087 bytes)
Hash
ea49215a394c5aa64726c7127cfaa134
964ecff00146356766b1dc9f13daf36197a93a42
2fbea21c694de25a01d2a0151629a67ab5d04af5e9e9af12f3482d672629695f

HTTP Headers

GET /bxslider/4.2.12/jquery.bxslider.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5bf7-z6ox3Bc9Kcb0lQd4zMXLOxqRM5Y"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 15:23:56 GMT
age: 7505086
x-served-by: cache-fra19144-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6087
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Last-Modified: Tue, 22 Nov 2022 14:15:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

icsv.miningwithprinciples.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5

217.70.186.113

200 OK

11 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
ASCII text, with very long lines (39791)
Size
11 kB (11206 bytes)
Hash
68c55e0e26ede0ee6d29668c5e7ff18a
ea17cd26ac9dd53fdfb6b227d5737bc2714c4db5
ad7d949e15ee2ea92473b1fcdfa56cc6239de0aeceed78065aa3a060523c0e00

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Tue, 17 May 2022 12:24:52 GMT
etag: "145db-5df343a40cc0e-gzip"
content-encoding: gzip
content-length: 11206
content-type: text/css
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
vary: Accept-Encoding
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
a1b8e286c4d61404ebce5801eb91a50d
c0fffe08168b93d55cbf39badec7eb019c351363
e665130a2a63cdf4faa689b652991327ae85a4e78009c026837980e5dbb82973

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 15:23:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EF72AFB6DDB5012FA43AB007F599A2C2B4F16072"
Expires: Wed, 23 Nov 2022 02:00:00 GMT
Last-Modified: Tue, 22 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2562
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e2ab4ccf7db4f7-OSL

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 09:07:49 GMT
expires: Thu, 16 Nov 2023 09:07:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 540967
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-155229377-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-155229377-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43614 bytes)
Hash
9c027511e1a16c9cc7613861f3ebf4e4
027028cd781a7224ce1d57c4d4824ae4bc28ea36
b8806a3ce21f82465f53b6f8b6d1722a319ed0451dc4cce81085019566688e72

HTTP Headers

GET /gtag/js?id=UA-155229377-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 15:23:56 GMT
expires: Tue, 22 Nov 2022 15:23:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

7.3 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
7.3 kB (7255 bytes)
Hash
168971c455f6b60d83b32f20a02a29fe
a4224e5e2ccf3b3717b87ef9e37d7b6cd3c67f7a
7a188e82d712adf05a1e63ed6aea4fa865061e588227e6433f05894b831717af

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://icsv.miningwithprinciples.com
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 91bbf4bdc11fc7f5db148baf370fabcd
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e2ab4c9a720b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

21 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65369)
Size
21 kB (20807 bytes)
Hash
52c3057b864efd9b66e6fd5899cd2887
3d9f51db326d638792a94d7a71817f059f2e0b5d
5349cb7071268e52baf6d7261f1c8962c330f74fee8bf1dafb2b5a4f0e822887

HTTP Headers

GET /bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://icsv.miningwithprinciples.com
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 11/11/2022 02:15:05
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7b3cf337daf182bc9c368b3ce6d83e39
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e2ab4c9a6d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5

217.70.186.113

200 OK

4.9 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
ASCII text, with very long lines (15224)
Size
4.9 kB (4930 bytes)
Hash
3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Tue, 17 May 2022 12:24:49 GMT
etag: "4705-5df343a1e25eb-gzip"
content-encoding: gzip
content-length: 4930
content-type: application/javascript
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
vary: Accept-Encoding
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 15:11:10 GMT
cache-control: public,max-age=3600
age: 766
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/themes/custom/fonts/311AF8_3_0.woff2

217.70.186.113

200 OK

32 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/themes/custom/fonts/311AF8_3_0.woff2
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
Web Open Font Format (Version 2), TrueType, length 31592, version 7.-32506\012- data
Size
32 kB (31592 bytes)
Hash
e1abb07f2a2a8f875a6c07cc4762e097
35fbd1ff3ae51d3c844def4f093336d4dac1df32
f60f6b632dbb90b244cf2f0b2bcf78094c39e4cf43d029227a2671d83371fd22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/custom/fonts/311AF8_3_0.woff2 HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/wp-content/themes/custom/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Sat, 26 Oct 2019 22:09:35 GMT
etag: "7b68-595d7859e5ac8"
content-length: 31592
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/uploads/2019/11/bulldozer-clear-sky-construction-533224.jpg

217.70.186.113

200 OK

1.3 MB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/uploads/2019/11/bulldozer-clear-sky-construction-533224.jpg
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3888x2592, components 3\012- data
Size
1.3 MB (1267709 bytes)
Hash
7f33c433cdfc96d4e94f11be1e2c2bf5
e79fd6e67e17cd6e287931f00c3ba5fcc82f8221
41ced714d683a155fb3ee41a92a1a28c830bf681a26cb55317585f9cfeea1969

HTTP Headers

GET /wp-content/uploads/2019/11/bulldozer-clear-sky-construction-533224.jpg HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Thu, 21 Nov 2019 11:58:34 GMT
etag: "1357fd-597da044bd9e0"
content-length: 1267709
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/uploads/2019/11/water_RT_id1973_640x416.jpg

217.70.186.113

200 OK

286 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/uploads/2019/11/water_RT_id1973_640x416.jpg
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x416, components 3\012- data
Size
286 kB (285556 bytes)
Hash
85064842e5141b9565f9278684d9d7de
c4ee986e8ce9c98c5735b7c37b84aab41b2d90af
296fa098cd7239ce82f8e81832e1f902728fb71900a741533c811a7a1d020035

HTTP Headers

GET /wp-content/uploads/2019/11/water_RT_id1973_640x416.jpg HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Wed, 20 Nov 2019 23:55:01 GMT
etag: "45b74-597cfe8b021bc"
content-length: 285556
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: max-age=156687
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 15:23:56 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:55:23 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 22 Nov 2022 14:41:08 GMT
expires: Tue, 22 Nov 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 2569
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-content/uploads/2019/11/24026332720_bf2ea2a46d_o.jpg

217.70.186.113

200 OK

3.7 MB

URL HTTP/2
icsv.miningwithprinciples.com/wp-content/uploads/2019/11/24026332720_bf2ea2a46d_o.jpg
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, manufacturer=Canon, model=Canon EOS 7D, xresolution=130, yresolution=138, resolutionunit=2, software=Adobe Photoshop Camera Raw 7.0 (Macintosh), datetime=2015:09:14 16:42:44], baseline, precision 8, 5184x3456, components 3\012- data
Size
3.7 MB (3740911 bytes)
Hash
4aa0c54b682fda314286844cd7334e52
b65edf74ae70e900c2d60c2b27bbf67812150616
c5251170ceb33519000508fe08571f8df31d5fbdc1700f2edba338fd69dd8833

HTTP Headers

GET /wp-content/uploads/2019/11/24026332720_bf2ea2a46d_o.jpg HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
last-modified: Thu, 21 Nov 2019 11:50:22 GMT
etag: "3914ef-597d9e6f98ae4"
content-length: 3740911
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/favicon.ico

217.70.186.113

302 Found

0 B

URL HTTP/2
icsv.miningwithprinciples.com/favicon.ico
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Tue, 22 Nov 2022 15:23:56 GMT
server: Apache
x-powered-by: PHP/7.4.25
link: <https://icsv.miningwithprinciples.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://icsv.miningwithprinciples.com/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
age: 0
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qOzpwAgYarZ7rS5KXi7F/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5IVPSef1x3wbAHGywTywT3dZFGw=

vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

143.204.55.101

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP
143.204.55.101:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079

HTTP Headers

GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KMtRLBMRKQBHIknh86TGmSazFqVrrzzW0gaIzUsT3BGc6NRtmQH07w==
age: 1566111
X-Firefox-Spdy: h2

script.hotjar.com/modules.55241fd65a1af5a1837b.js

143.204.55.68

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.55241fd65a1af5a1837b.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
69 kB (68617 bytes)
Hash
5f82b1a8e62b6a241154cb066c4d1ad8
942982f722f180cb3eac787f0f5edb1f3927696a
36a9999c741ee16ea1337a713b13a62f7e368a437ebe9581c487d42b7c7fe50b

HTTP Headers

GET /modules.55241fd65a1af5a1837b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68617
date: Thu, 17 Nov 2022 11:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9gfMhULIU_ceC5WQerXtLK1rV7Tge5xsgfnPZkVOFUdW9aUKgVJyfw==
age: 447471
X-Firefox-Spdy: h2

icsv.miningwithprinciples.com/wp-includes/images/w-logo-blue-white-bg.png

217.70.186.113

200 OK

4.1 kB

URL HTTP/2
icsv.miningwithprinciples.com/wp-includes/images/w-logo-blue-white-bg.png
IP
217.70.186.113:0
ASN
#29169 GANDI SAS

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: icsv.miningwithprinciples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://icsv.miningwithprinciples.com/
Connection: keep-alive
Cookie: _ga=GA1.2.324661533.1669130637; _gid=GA1.2.269690737.1669130637; _gat_gtag_UA_155229377_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:57 GMT
server: Apache
last-modified: Tue, 17 May 2022 12:24:48 GMT
etag: "1017-5df343a0e31aa"
content-length: 4119
content-type: image/png
via: 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
x-cache-hits: 0
x-cache: MISS
accept-ranges: bytes
age: 0
X-Firefox-Spdy: h2

vc.hotjar.io/sessions/1831193?s=0.25&r=0.05627801969595225

54.230.111.91

204 No Content

0 B

URL HTTP/2
vc.hotjar.io/sessions/1831193?s=0.25&r=0.05627801969595225
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sessions/1831193?s=0.25&r=0.05627801969595225 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://icsv.miningwithprinciples.com
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 22 Nov 2022 15:23:57 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JORJDzWhoF1dotZuuCVq8ThLezYuki-YgXdS1qPPg3NZAoTvvQJSxA==
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8f8dec112501459d9c055745389b3e97
d02d3e7a0c6d48a463c9fe280eca1e4ec07b61de
eae703ac8ba04d7da656f5d1ec8ca0b1746e16510fb9323c887a920b753d4bdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92066
Date: Tue, 22 Nov 2022 15:23:57 GMT
Etag: "637b9860-1d7"
Expires: Wed, 23 Nov 2022 16:58:23 GMT
Last-Modified: Mon, 21 Nov 2022 15:25:20 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J5BfFUtTNfs5FbORAxW3tpa2NbTaXtBnwVnoA-LbMjZGvCHFTK32_A==
Age: 5583

ws38.hotjar.com/api/v2/client/ws

108.128.36.21

101 Switching Protocols

0 B

URL HTTP/1.1
ws38.hotjar.com/api/v2/client/ws
IP
108.128.36.21:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v2/client/ws HTTP/1.1
Host: ws38.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://icsv.miningwithprinciples.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jtgNGXOP8gy+9a6Zoyw+vA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 22 Nov 2022 15:23:57 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WVu5hdGEvVI9DvFD4bT42BMIpxY=
Sec-WebSocket-Extensions: permessage-deflate

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 15:23:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7589 bytes)
Hash
06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 15:03:51 GMT
age: 1207
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4639 bytes)
Hash
dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmrDryUp_4bvIikGkppa36e9isEfvK0gjunV6xmU5ApJtxlLR_GYkA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:18 GMT
age: 62320
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7751 bytes)
Hash
472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QB2RJo7NR7FMDRC7fC9eLMW99KR7andopIeu4qi0yp_tihE0vtpkXw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:49:03 GMT
age: 38095
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6031 bytes)
Hash
4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VabInML1mfcQLIp29OWRNsixwfSWt0Wv9l7I-Ak7TdUHlNt2ZEVtPg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 15:21:36 GMT
age: 142
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10556 bytes)
Hash
0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sBNLrVAl4G6pJ-OBZ6aJZC64MrkkGQdsuZKITQwcqgYgP6-GJiblfA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:20 GMT
age: 62678
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8685 bytes)
Hash
2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 62729
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1831193.js?sv=6

143.204.55.84

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1831193.js?sv=6
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1831193.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 15:23:57 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/53c538ad151857f17288cc0e2853b2da
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ayVTPirw7wkPy492PXaGI2GYxPyk1kIPWUxJ5ouHtATtH23IJjbqKg==
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/1831193/visit-data?sv=6

54.78.147.197

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/1831193/visit-data?sv=6
IP
54.78.147.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/1831193/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://icsv.miningwithprinciples.com
Connection: keep-alive
Referer: https://icsv.miningwithprinciples.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 15:23:57 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations