iccuauth-pay.com/a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true
176.123.0.55301 Moved Permanently 285 B URL HTTP/1.1 iccuauth-pay.com/a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true
IP 176.123.0.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 921a206fdf2d601c51e4a17e3782f24b
6084d4584cb98a1a1164d9998d6eb60a73d21833
c9d2f9e5970dfe72d3fbf61924e692df5578c5525c4097269dc5131fbce56a62
Analyzer Verdict Alert quad9 Sinkholed
GET /a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true HTTP/1.1
Host: iccuauth-pay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 01:38:20 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 285
Connection: keep-alive
Location: https://iccuauth-pay.com/a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: BYPASS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12350
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 01:38:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4571
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:21 GMT
Last-Modified: Fri, 02 Dec 2022 00:22:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Fri, 02 Dec 2022 04:28:55 GMT
Date: Fri, 02 Dec 2022 01:38:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1111
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LHU10CsI3IXz5wD3uvZuxmjUFT2U4C3hOcISn1PkBAbyO74whSdZPPyi50BPILSTAcC6Kw3Bi68=
x-amz-request-id: KJPBNJFTN54KE2DP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:46:30 GMT
age: 3111
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:38:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f843568cca393be5526d44f95467c482
a725cccf7b4d9ad40d795da4a8b8dc77fb80f9d4
4e45d5182657bfc2669414b1fa116376f3feb9e5e6c2a7f04a455c82215aa5e2
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 01:38:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 01:35:43 GMT
Expires: Thu, 08 Dec 2022 01:35:42 GMT
Etag: "a725cccf7b4d9ad40d795da4a8b8dc77fb80f9d4"
Cache-Control: max-age=517639,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773057b7ac0ffab4-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:11:15 GMT
cache-control: public,max-age=3600
age: 1627
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab8df2c6b2eae7d4eb1015cbe70effac
84f9ab922f7ddcaba214a49d4b816f1177239e4a
5124d3c2a1ca1f2e631ddaab0a84b9e3cc4ddfafe13a62e664c01d988468f78b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5124D3C2A1CA1F2E631DDAAB0A84B9E3CC4DDFAFE13A62E664C01D988468F78B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3213
Expires: Fri, 02 Dec 2022 02:31:55 GMT
Date: Fri, 02 Dec 2022 01:38:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4578
Cache-Control: max-age=117885
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:22 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:23:07 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.166.172.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1rwvi1vJcje6k6fr6Wmraw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G/xcGVLITm2EVNpX1kaFhUIlyCk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f23611cef68fffefe2eaf43fa21d6e9
e68aedb6bed551b128f77b980e8109fc67bdce7a
7477182cea0f82792a62252219d86d7d072c609f924e99260a2a755f8a9281b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7477182CEA0F82792A62252219D86D7D072C609F924E99260A2A755F8A9281B2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Fri, 02 Dec 2022 07:37:40 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
iccu.com/
52.88.3.188301 Moved Permanently 162 B IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 01:38:23 GMT
content-type: text/html
content-length: 162
location: https://www.iccu.com/
server: Pagely-ARES/1.10.15
x-gateway-request-id: c06d8cfd06c1a8fa2635b4c68d5e4836
strict-transport-security: max-age=31536000; includeSubDomains
x-gateway-cache-key: 1669835831.674|standard|https|iccu.com|||/
x-gateway-skip-cache: 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3952
Cache-Control: max-age=89216
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:23 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 02:25:19 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6211e664cd9d2f5059657e67736d166d
f52950a1ae994a97474fb1c180c35dbbf09fe065
55a7038ab6c8c2f54bfd4d4fc4c8ff6d40a9eb63a97618b129de0ff282679cf9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85962
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:23 GMT
Etag: "638803d9-1d7"
Expires: Sat, 03 Dec 2022 01:31:05 GMT
Last-Modified: Thu, 01 Dec 2022 01:31:05 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19286
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19286
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19286
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19286
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19286
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:38:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 13707
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 13610
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 65894
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 13772
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 13695
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 12525
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.iccu.com/
52.88.3.188200 OK 15 kB IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash e4f2b34b1c75c9b13e682d9086b8c5e2
60ef899e3d1a3fe8a1964aea5593de6a3bb4ab13
3b3473de0a96d56f9ac182d48ff2e32456c9e5ab14338b89123c1a209788caf6
GET / HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/html; charset=UTF-8
content-length: 15139
server: Pagely-ARES/1.10.15
x-gateway-request-id: 435a0ec80500499da05870b46c359647
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pingback: https://www.iccu.com/xmlrpc.php
permissions-policy: geolocation=(self "https://maps.google.com"), encrypted-media=(self "https://*.brightcove.com")
referrer-policy: no-referrer-when-downgrade
link: <https://www.iccu.com/wp-json/>; rel="https://api.w.org/", <https://www.iccu.com/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json", <https://www.iccu.com/>; rel=shortlink
set-cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; path=/
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669913902.242|standard|https|www.iccu.com|||/
x-gateway-cache-status: MISS
x-gateway-skip-cache: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M9ND4W
142.250.74.168200 OK 96 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M9ND4W
IP 142.250.74.168:0
File type ASCII text, with very long lines (43685)
Hash a7ce99d6eb01912131a42792151e7ed8
6b875509cac90e47127557d5da7db8a4a4b6cf95
4ac579006d18388da2c03a03110fdc2a87cbce278480111538d58221ea99189a
GET /gtm.js?id=GTM-M9ND4W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 01:38:25 GMT
expires: Fri, 02 Dec 2022 01:38:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.google.com/maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M
142.250.74.46200 OK 54 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M
IP 142.250.74.46:0
File type ASCII text, with very long lines (2381)
Hash c3c0991b8eeecd67b4cc79ca04ee60f8
c0f1a5d0170cea207240f6e852d9b8876aa78c9e
d9fb4c53661325b7c24abed12f0cca658073035ccb76ff6535eefbd61088f194
GET /maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 01:38:25 GMT
expires: Fri, 02 Dec 2022 02:08:25 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53533
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.iccu.com/lib/css/classic-themes.min.css
52.88.3.188200 OK 189 B URL HTTP/2 www.iccu.com/lib/css/classic-themes.min.css
IP 52.88.3.188:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /lib/css/classic-themes.min.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 189
server: Pagely-ARES/1.10.15
x-gateway-request-id: 7f8e8dd5718d9aff7b58a123aaa67836
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "d9-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/css/classic-themes.min.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/column-shortcodes//assets/css/shortcodes.css
52.88.3.188301 Moved Permanently 162 B URL HTTP/2 www.iccu.com/modules/column-shortcodes//assets/css/shortcodes.css
IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /modules/column-shortcodes//assets/css/shortcodes.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/html
content-length: 162
server: Pagely-ARES/1.10.15
x-gateway-request-id: 0a615804d7bee06923ceca0230e49908
location: /modules/column-shortcodes/assets/css/shortcodes.css
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/column-shortcodes//assets/css/shortcodes.css
x-gateway-skip-cache: 1
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/icomoon.css
52.88.3.188200 OK 747 B URL HTTP/2 www.iccu.com/template/library/css/icomoon.css
IP 52.88.3.188:0
File type ASCII text, with very long lines (2562), with no line terminators
Hash e3e7094ccb9c273019e356f69ac05f2e
5f9810f3ebbbf73ff5f67c40be4cbd0c38929e4f
24ec1ac810e095b842dee829e01374cfe455bee90adb3a280eb3e501448ce1d4
GET /template/library/css/icomoon.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 747
server: Pagely-ARES/1.10.15
x-gateway-request-id: f850738c7074eebcf95c493e3c1dd738
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "a02-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/icomoon.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/style.css?ver1_0_2
52.88.3.188200 OK 8.3 kB URL HTTP/2 www.iccu.com/template/library/css/style.css?ver1_0_2
IP 52.88.3.188:0
File type ASCII text, with very long lines (29760)
Hash cba77c25d3e8c23c776784534ef42bce
f3d18ecec2857a9fe63baa5c7be106f65684aac1
4117e1d60e29886aab490eb34021da11f6858aebf8291433dc689439f3199472
GET /template/library/css/style.css?ver1_0_2 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 8314
server: Pagely-ARES/1.10.15
x-gateway-request-id: 40f2786b260dccea3529d2600f4c5ac8
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "7474-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/style.css?ver1_0_2
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/jquery.bxslider.css
52.88.3.188200 OK 811 B URL HTTP/2 www.iccu.com/template/library/css/jquery.bxslider.css
IP 52.88.3.188:0
File type ASCII text, with very long lines (2879), with no line terminators
Hash ca16461f4888b08bf4da689ec7704bd8
e19ec1dcb695797fe8167ad5684ca6d3cd72bfcf
c15ca83818c346b148ac7afd1def026806de8746f0f2b40b0d193398241d2910
GET /template/library/css/jquery.bxslider.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 811
server: Pagely-ARES/1.10.15
x-gateway-request-id: c33cd4b9fc5a0f6310a7f672d47e514d
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "b3f-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/jquery.bxslider.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 11c8fd5d009735c13870defc5ac113d4
33b3acf11ebe2a775827dc7d455e6e8f537cfeeb
420021bc0a960ed0577edc901eec86596e3042c9c9d6b6295cc152ad971e7246
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103039
Date: Fri, 02 Dec 2022 01:38:25 GMT
Etag: "63882f7e-1d7"
Expires: Sat, 03 Dec 2022 06:15:44 GMT
Last-Modified: Thu, 01 Dec 2022 04:37:18 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mqy-iwXWWZXnDAy8gRWqWNkW-3CIpgfRKro6I4IMX_Mn5RVrP6MFRg==
Age: 5906
www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
52.88.3.188200 OK 10 kB URL HTTP/2 www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
IP 52.88.3.188:0
File type ASCII text, with very long lines (327)
Hash 94db68ae02c56675d470e23e480fe336
1c018bb2fd01c53679e594d4ecfbc186f346d5ef
6338d7a04cc6cd27e9b4110d86b0c2b6c7cfc070274dcad98efa307d84d22c60
GET /template/library/css/redolive.css?v=2022.4.12.1246 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 10107
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2ed4c2e3d98761e2c7588f5e4fd153a5
last-modified: Tue, 12 Apr 2022 20:50:57 GMT
etag: "c8e7-5dc7b37be5275-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/redolive.css?v=2022.4.12.1246
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.css
52.88.3.188200 OK 1.4 kB URL HTTP/2 www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.css
IP 52.88.3.188:0
Hash c95bca9e0590cf1c2c2c1a5fae0cab66
198825529be8572c83e06d190906ea4a0c0aac21
0fd756899c22f1cb3d83d32627c2b0bcf54212479d8c166a81881b6e39dec75d
GET /template/library/js/libs/fancybox/jquery.fancybox.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 1423
server: Pagely-ARES/1.10.15
x-gateway-request-id: 28ca9216edbc18ce5a25f044705dfe04
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "131f-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/fancybox/jquery.fancybox.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/lib/js/jquery/jquery-migrate.min.js
52.88.3.188200 OK 4.2 kB URL HTTP/2 www.iccu.com/lib/js/jquery/jquery-migrate.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /lib/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 4169
server: Pagely-ARES/1.10.15
x-gateway-request-id: a35bea85d0d3b1246d95b608dea12abe
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "2bd8-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery-migrate.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/modernizr.custom.min.js
52.88.3.188200 OK 6.2 kB URL HTTP/2 www.iccu.com/template/library/js/libs/modernizr.custom.min.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (14558)
Hash 20f3300b8d897519834c9b3ab7eb3672
4f7f3f6fce25d7aceb1d59fedd4f8c34880dfeb5
fa6245f7c4bf9b54001e291567b9fdd7dc4e62e4e88acbfa5853b11289fa9f9d
GET /template/library/js/libs/modernizr.custom.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 6221
server: Pagely-ARES/1.10.15
x-gateway-request-id: 29bce6245122081f88e10267808e7606
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "3b16-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/modernizr.custom.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/jquery.fittext.js
52.88.3.188200 OK 1.2 kB URL HTTP/2 www.iccu.com/template/library/js/jquery.fittext.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (2196), with no line terminators
Hash 686f2646cb2125ded76f2ef7e2445605
84c646ed032b19b87e4a8bc90d6d35ab93c33409
b9ad8028b8f2b959114ba955daf0b10db1298f1452e8e38c8af7a0fdee6bce0c
GET /template/library/js/jquery.fittext.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 1160
server: Pagely-ARES/1.10.15
x-gateway-request-id: e81b9e60454359b36f375d46cb08d7bb
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "894-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/jquery.fittext.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/scripts.js?v=2022.10.28.1614
52.88.3.188200 OK 4.0 kB URL HTTP/2 www.iccu.com/template/library/js/scripts.js?v=2022.10.28.1614
IP 52.88.3.188:0
File type ASCII text, with very long lines (380)
Hash 1c6cb1276182a249f513883c09acc1be
748b019c0f95cc3a0be49330a5b106df85b58e03
eae4d9afdd0e3e0b2b21d0fcb067578b5d269d0db64524becfed6fa1df659c38
GET /template/library/js/scripts.js?v=2022.10.28.1614 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 3965
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2d3fff9ca40fa4f25d6e9ea966dafda9
last-modified: Wed, 12 Oct 2022 17:41:07 GMT
etag: "3636-5ead9e5c19469-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/scripts.js?v=2022.10.28.1614
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iccu.com/inc/themes/ro-iccu/library/images/green-section-overlay.png
143.204.55.116200 OK 20 kB URL HTTP/2 cdn.iccu.com/inc/themes/ro-iccu/library/images/green-section-overlay.png
IP 143.204.55.116:0
File type PNG image data, 615 x 237, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d79826090d5d93e4f7c7491e1d707d3
4b474ad04bc09d2e126a2f1b28b540ec73c0aeeb
2baab3fdf9a17de4b9c624505d7afc44efc72db4c9ba881b8e1377a3a3ac6b19
GET /inc/themes/ro-iccu/library/images/green-section-overlay.png HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20155
date: Wed, 30 Nov 2022 19:19:37 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: b3f1304bc3623ae48d3ace987bb5136f
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "4ebb-5cd37a02a9de1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/themes/ro-iccu/library/images/green-section-overlay.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: idNGAUOh0rr-azHYCX2wo2ly96aJFbUAocZE3RsLSGgX18rot5Y8ug==
age: 109128
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/3gj_OJ2r91s
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/3gj_OJ2r91s
IP 142.250.74.131:0
Hash 224d98b12a0f9a8c8bf746b5ce3142ae
17893eb3b8a3a358f31a67186faea0a4d29e6dc7
8d1e640e99e3f90847534de55b34dc33231f9d03958071f2ef4df315c47fead8
POST /s/gts1d4/3gj_OJ2r91s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.iccu.com/template/library/js/jquery.bxslider.min.js
52.88.3.188200 OK 5.2 kB URL HTTP/2 www.iccu.com/template/library/js/jquery.bxslider.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (19040)
Hash f3bb76407c4ed0999771c696cee77648
c2bddad0ff58bbd5eb917a5fc828fd5b829444c0
d305f8cedacf0afc7c21b85b8c1d31060c9daa99997aef4bd05883f1230a17c0
GET /template/library/js/jquery.bxslider.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 5162
server: Pagely-ARES/1.10.15
x-gateway-request-id: b339d897990dd10dc04e82d12cbe71be
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "4b9f-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/jquery.bxslider.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.js
52.88.3.188200 OK 14 kB URL HTTP/2 www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.js
IP 52.88.3.188:0
Hash 711e2ae0ba4411cc4bb74bd9b04807f0
b33f3c310875a4854605c4069742ef4da52e1251
9c8d84c1d9442efa552a20abc517f5b6b66ce92e7edcc66f93b3c8de0474bb31
GET /template/library/js/libs/fancybox/jquery.fancybox.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 13922
server: Pagely-ARES/1.10.15
x-gateway-request-id: aed1cc889bd0f262f0aa4d88adca03ea
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "be42-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/fancybox/jquery.fancybox.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/iccu-logo.png
52.88.3.188200 OK 7.8 kB URL HTTP/2 www.iccu.com/template/library/images/iccu-logo.png
IP 52.88.3.188:0
File type PNG image data, 190 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash be75cbac6644f4e1ef319a28b0f9f1d6
5ce2570715da934919333d4883e09c8037f6c418
277d5b050c33065d5a7cdb4d4198b57fdaa351eec68bb519db0d769296f79849
GET /template/library/images/iccu-logo.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: image/png
content-length: 7785
server: Pagely-ARES/1.10.15
x-gateway-request-id: f7c8bf64a121385dacee627d645f4a92
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "1e69-5cd37a02abd21"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/iccu-logo.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
52.88.3.188200 OK 541 B URL HTTP/2 www.iccu.com/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (1021)
Hash 9ba2f383ea1a378a83af00a4337cbcc6
a10de9935b0ff0277d762bb8a0629fc828726bcd
f76bb0c386ae1d0ff3821e00787611655393c99631c66bc06d4d8d9405fd761f
GET /modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 541
server: Pagely-ARES/1.10.15
x-gateway-request-id: 3244083808c501c1db3de98d67a832a2
last-modified: Sat, 12 Mar 2022 23:17:49 GMT
etag: "636-5da0da7e7ee01-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/gmaps.min.js
52.88.3.188200 OK 8.9 kB URL HTTP/2 www.iccu.com/template/library/js/libs/gmaps.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (31160), with no line terminators
Hash a4c617df82eb36cc9efcb7dd9eace22a
1e9aa8fd7c63e37b4a558a4de3d8d378741eaac9
8308472eb0f1d53b41028b10ae34a2e466d287882020839f915e0798bc36520f
GET /template/library/js/libs/gmaps.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 8917
server: Pagely-ARES/1.10.15
x-gateway-request-id: 97d9be139870915f429dc0370499a64a
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "79b8-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/gmaps.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/branches.js
52.88.3.188200 OK 0 B URL HTTP/2 www.iccu.com/template/library/js/branches.js
IP 52.88.3.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/library/js/branches.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 0
server: Pagely-ARES/1.10.15
x-gateway-request-id: da8b9859b4cd69f3c05e2533e1d186dd
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "0-5cd37a02accc1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/branches.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/lib/js/jquery/jquery.form.min.js
52.88.3.188200 OK 6.0 kB URL HTTP/2 www.iccu.com/lib/js/jquery/jquery.form.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (15977), with no line terminators
Hash 7aeeb733430179288e8fc8c304eb76dd
4c5767819308499db85ab40d64c1f06dadd007a8
dd5150b0eb0b9d8f0969f3e47a4c17edcdd613862456c2b4575910e038ff22f5
GET /lib/js/jquery/jquery.form.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 5958
server: Pagely-ARES/1.10.15
x-gateway-request-id: 6400f23c460c20005ddbef3b22ff7f20
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "3e69-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery.form.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 11c8fd5d009735c13870defc5ac113d4
33b3acf11ebe2a775827dc7d455e6e8f537cfeeb
420021bc0a960ed0577edc901eec86596e3042c9c9d6b6295cc152ad971e7246
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 01:38:25 GMT
Etag: "63882f7e-1d7"
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WfxhO5JYhUEd18XYHVGakd1PEDBiELINPh2rK7M86kveyhwnm8GN9A==
www.iccu.com/template/library/js/login.js
52.88.3.188200 OK 472 B URL HTTP/2 www.iccu.com/template/library/js/login.js
IP 52.88.3.188:0
Hash 9b8611198e96f5fe45ea4141cf74e4a6
abc8a4d37a109727fe6acafbe843fcd8ea358072
92d1723bab81567ae2b86a16ad9a8051577ecf7e1742401c8be69c873968e333
GET /template/library/js/login.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 472
server: Pagely-ARES/1.10.15
x-gateway-request-id: 9afa769f0b3ae25c30cadcd353632a8c
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "41e-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/login.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/html5shiv.js
52.88.3.188200 OK 1.2 kB URL HTTP/2 www.iccu.com/template/library/js/html5shiv.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (645)
Hash 028192673bfb699f9b0b9adf25f022b7
b8e3276bf7ad1649798595d22b47866259f2b8fe
97cdab837957cde45a7b1f2f30f6926350c2ba423cd35e1a1d20299a149d0f12
GET /template/library/js/html5shiv.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 1248
server: Pagely-ARES/1.10.15
x-gateway-request-id: 3b41393a511ffd4fe52e26048fd68767
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "97c-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/html5shiv.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/respond.min.js
52.88.3.188200 OK 2.2 kB URL HTTP/2 www.iccu.com/template/library/js/respond.min.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (4204)
Hash eccf4ce2ff9ef9387cbd68c16098da2c
b1d0936582b0477ce15e3aa9d35b308d191cdf9d
32859d2277095945e7584fdbd93b94417675462a4259d2ab65ca36fcafbb99f2
GET /template/library/js/respond.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 2151
server: Pagely-ARES/1.10.15
x-gateway-request-id: 89b626105bebfcf2d1829d3f427165f4
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "1119-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/respond.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/column-shortcodes/assets/css/shortcodes.css
52.88.3.188200 OK 694 B URL HTTP/2 www.iccu.com/modules/column-shortcodes/assets/css/shortcodes.css
IP 52.88.3.188:0
File type ASCII text, with CRLF line terminators
Hash 8bcd953dec4e1a00c06f422bf7c092e7
a3dae6ce7633a8144569a8aa6c98d77e9f404d44
c3b8402cec0d8e9306078e352e66e9ff7ea2e895d12f6cc9a8101ad2e4cd9769
GET /modules/column-shortcodes/assets/css/shortcodes.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: text/css
content-length: 694
server: Pagely-ARES/1.10.15
x-gateway-request-id: b0dd8299f1161ef387293c65708dbbc1
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "c71-5cd37a0252f3f-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/column-shortcodes/assets/css/shortcodes.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iccu.com/inc/env.js?v=2022.10.28.1614
143.204.55.116200 OK 194 B URL HTTP/2 cdn.iccu.com/inc/env.js?v=2022.10.28.1614
IP 143.204.55.116:0
Hash 90ccacfe7eaa1fecd1109f4560a668ba
69952f529ba894ee425a5d03624f6a575965b1e9
559d16f1cf16a250cf0719e4ce987558313e316bbec5830cfdaac8e87f66978f
GET /inc/env.js?v=2022.10.28.1614 HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 194
date: Fri, 02 Dec 2022 01:38:26 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 8fad514db001d97f4581b9eb27d02179
last-modified: Fri, 28 Oct 2022 21:54:40 GMT
etag: "131-5ec1f4dfdd898-gzip"
content-encoding: gzip
expires: Sat, 31 Dec 2022 10:40:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/env.js?v=2022.10.28.1614
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HAtOpZEb5j9SAIyzLsQqCWu9Mg2q1RlIfOyBdHrXxSimbQIONWebLA==
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=1914017770&_gaz=1&cid=1949642682.1669945104&ul=en-us&sr=1280x1024&_s=1&sid=1669945104&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=1914017770&_gaz=1&cid=1949642682.1669945104&ul=en-us&sr=1280x1024&_s=1&sid=1669945104&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=1914017770&_gaz=1&cid=1949642682.1669945104&ul=en-us&sr=1280x1024&_s=1&sid=1669945104&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.iccu.com
date: Fri, 02 Dec 2022 01:38:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jelly.mdhv.io/v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=1877419018
216.239.34.21307 Temporary Redirect 194 B URL HTTP/2 jelly.mdhv.io/v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=1877419018
IP 216.239.34.21:0
File type HTML document, ASCII text
Hash d07b64d88e57c8d36e0383fcc94af40d
1475cf7ce9d1d6da433fb8a96e1f2a12482ec9f1
a693f0d5c758e0559a2ea788a9be922f29516d5b54214d2423f29f703641d67d
GET /v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=1877419018 HTTP/1.1
Host: jelly.mdhv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi>mcb=1877419018&pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&tx=1ab70d02-c0e3-4ae7-8176-ceed6df2a0dd
x-cloud-trace-context: efd1845071d8b23ef18682e6fd4859b4
date: Fri, 02 Dec 2022 01:38:26 GMT
server: Google Frontend
content-length: 194
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.iccu.com/lib/js/jquery/jquery.min.js
52.88.3.188200 OK 0 B URL HTTP/2 www.iccu.com/lib/js/jquery/jquery.min.js
IP 52.88.3.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lib/js/jquery/jquery.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:25 GMT
content-type: application/javascript
content-length: 30995
server: Pagely-ARES/1.10.15
x-gateway-request-id: b833583e4ad7bf211be134cbb9343249
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "15e54-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.iccu.com/template/library/fonts/PN-Regular.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Regular.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57260, version 2.3\012- data
Hash 40a7c5c7e81cedde9cc68d5a26d72552
7d0468c2607f929e3edbcf5e77ed0400b8ca221e
1d54edce75dd642fa65d1d2abf50bdb753117da33b274bba116a626b5839d9c8
GET /template/library/fonts/PN-Regular.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: font/woff
content-length: 57260
server: Pagely-ARES/1.10.15
x-gateway-request-id: fe7651b72ea965b25bbf4d2aa171bb56
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dfac-5cd37a02a4021"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Regular.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/smallGreenHump.png
52.88.3.188200 OK 693 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/smallGreenHump.png
IP 52.88.3.188:0
File type PNG image data, 123 x 26, 8-bit colormap, non-interlaced\012- data
Hash 0a16125594770ba6c98517e8c10cfaa2
fd6d49da706c4af6a0baf6a5c42bd3d5612632b5
9cad4e384c0705fee89906b6f469b12b8f3f8eee558eaf3a914be26556e8d975
GET /wp-content/uploads/2018/04/smallGreenHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: image/png
content-length: 693
server: Pagely-ARES/1.10.15
x-gateway-request-id: 5a0a2847514614e4b9a81615072313d0
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "2b5-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/smallGreenHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/whiteHump.png
52.88.3.188200 OK 928 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/whiteHump.png
IP 52.88.3.188:0
File type PNG image data, 198 x 47, 8-bit colormap, non-interlaced\012- data
Hash 1bb6d4e0f2b639acc42990b53936ef88
53a7c005a77a79e005d1d77d26f262810a6c8f01
963b3ce0f3b28e70452e781c268740099a3a5f1f15373bd44e2ea3b165bb25aa
GET /wp-content/uploads/2018/04/whiteHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: image/png
content-length: 928
server: Pagely-ARES/1.10.15
x-gateway-request-id: 5d04c25b87da8092874c09b0a473f625
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "3a0-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/whiteHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/greenHump.png
52.88.3.188200 OK 875 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/greenHump.png
IP 52.88.3.188:0
File type PNG image data, 198 x 47, 8-bit colormap, non-interlaced\012- data
Hash d273c8f38498e78e39cecdc266f088f4
49f4889a33182d04b5585b59790fe0a2e7cdafcc
5f8b15bcd22a660dd9b43abcceac5a884f40c1b105ec67eeed99053647a2a3eb
GET /wp-content/uploads/2018/04/greenHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: image/png
content-length: 875
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2105cc89db017920a23a3c16b56f4b1f
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "36b-5cd37a04113e9"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/greenHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Fri, 02 Dec 2022 01:38:27 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sat, 03 Dec 2022 01:15:27 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HKwPdRSC7REXpzjl8FY-QvP3Uj-FayrdJP9jwqMfa4E-pw0NFgJe_w==
X-Firefox-Spdy: h2
cdn.evgnet.com/beacon/idahoccu/idahoccu/scripts/evergage.min.js
151.101.128.114200 OK 46 kB URL HTTP/2 cdn.evgnet.com/beacon/idahoccu/idahoccu/scripts/evergage.min.js
IP 151.101.128.114:0
File type ASCII text, with very long lines (594)
Hash e243e8ec57e1aa473dc8b94efcd22d21
64cf8734f133cff8ad9f36a28479f3621647b9af
489ace076435a44f46011c23b9d57e193dfd72733d3a18621f358348dab593c0
GET /beacon/idahoccu/idahoccu/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0Wfe2+9DCF07FpZ9JZcbf4WzK/xKdAsGAcRk4UWspOdPvTvLJyy9xSKHFaqGUqzgeOIJdjOROf8=
x-amz-request-id: 49ZQ2TCSRNHRE5QN
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Nov 2022 16:53:47 GMT
etag: "e243e8ec57e1aa473dc8b94efcd22d21"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 3e4eb9a21d26e3905cc09524ae1e62d53ef76672
x-amz-version-id: LCBHMnGE4xwQiSfAyUdMvNIazNvwfJuD
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Dec 2022 01:38:27 GMT
age: 99
x-served-by: cache-iad-kjyo7100059-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1669945107.984753,VS0,VE94
vary: Accept-Encoding
timing-allow-origin: *
content-length: 45931
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 020a01fc5296b74c1a42fa3daf23bab5
da10e30da593315e2205d666b61f6083dd070ae7
ce75eb8216401a607589078be6885b858fa877849384ccf55e7bacd40aa78c69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:27 GMT
Last-Modified: Fri, 02 Dec 2022 00:26:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMJCTRC77U9BMO6V730&lib=ttq
23.36.79.32200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMJCTRC77U9BMO6V730&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2120)
Hash 7917cc09c444ac36411f149f2bc60519
e4d6dbfe2d59d5c292ebc4342900053cc90aaf05
814717c24dcee84c3f68e58533a0232dd2d6fb9527e7355947691b26ee23a3e3
GET /i18n/pixel/events.js?sdkid=CDMJCTRC77U9BMO6V730&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022120201382780AA6BE812E84DDB54B6
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60f0f8705d0913ef2ab3aa01c72e35298f72dc9aebb9e68c4cb3883eb4d260cc3c522ce87c7529db1c0640887493f4e484418c21750c6fa849d7c1ee695370202e2b4cd887ba8ddebe963ff04ddb99082f
content-encoding: gzip
content-length: 1066
x-origin-response-time: 64,23.201.31.150
x-akamai-request-id: 10467bc1.d958818
expires: Fri, 02 Dec 2022 01:38:27 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Dec 2022 01:38:27 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IKzYDAt8IMoErXXkZJbd7QQI2F; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-201-31-150.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=64, inner; dur=3
x-parent-response-time: 163,23.36.79.28
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 020a01fc5296b74c1a42fa3daf23bab5
da10e30da593315e2205d666b61f6083dd070ae7
ce75eb8216401a607589078be6885b858fa877849384ccf55e7bacd40aa78c69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:27 GMT
Last-Modified: Fri, 02 Dec 2022 00:26:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
23.36.79.32200 OK 62 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMA.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (25602)
Hash 46e419afe1d1eae8b3cc5879882fa98e
042f443a29546c4322266b2a3b30ca575a5c4811
f0afb51c6106aac41448e6e47d8287ce2a8aa871805b2cbb3fdee26d7e19dcf6
GET /i18n/pixel/static/main.MTRjZDliOGFlMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IKzYDAt8IMoErXXkZJbd7QQI2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221201150723ED924227A87E5FF9CE13
x-tt-trace-host: 01fab06eb892e489693f2d013b537b14c6ac6b3db49a7ad94a982cf2deb9586f77b6b87a497e52ea023ad71249767d7bc5be6f4f71e9dd38e20c74f6d048e77ccf225b8783d230e6360c1412e69163aa4f
content-encoding: gzip
date: Fri, 02 Dec 2022 01:38:27 GMT
content-length: 62390
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
x-akamai-request-id: d95887b
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Semibold.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Semibold.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57272, version 2.3\012- data
Hash d9b5bcfc35fdb6d396802d77cfd653ab
69aa33f4cf2d06eeb4049ca9c202f835071f2a24
72e4e99a5820302ea169be3ee1d39f75b288258baedf6311cdccc504ff11a079
GET /template/library/fonts/PN-Semibold.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: font/woff
content-length: 57272
server: Pagely-ARES/1.10.15
x-gateway-request-id: 404c9d252e5ee4fce1268b7b64477620
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dfb8-5cd37a02a4fc1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Semibold.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/fonts/icomoon.woff2?nwfys3
52.88.3.188200 OK 15 kB URL HTTP/2 www.iccu.com/template/library/css/fonts/icomoon.woff2?nwfys3
IP 52.88.3.188:0
File type Web Open Font Format (Version 2), TrueType, length 15184, version 1.0\012- data
Hash 375dde6977aa255d1b954f3dda483adc
d750a2a2a78842d60acf520faf8aecfba8a93b3f
b599ea6c6fb82de03e4eee221c06618f8b50c65c28787eba2c8045d7873562f1
GET /template/library/css/fonts/icomoon.woff2?nwfys3 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/icomoon.css
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: font/woff2
content-length: 15184
server: Pagely-ARES/1.10.15
x-gateway-request-id: d7eb98041db263fde7bac241d8aa6c87
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "3b50-5cd37a02a01a1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/fonts/icomoon.woff2?nwfys3
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Light.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Light.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57340, version 2.3\012- data
Hash 1eb197fea0cd5a6b704c69860aa15c1c
474fe8af6a90f241442804b25a7651c90d102381
4efa8c23eca941196761a29a78e304110e90c893dd2b48ec1a219e7a28c99553
GET /template/library/fonts/PN-Light.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: font/woff
content-length: 57340
server: Pagely-ARES/1.10.15
x-gateway-request-id: 28f7f0289d2ac8847e6102871a6c7479
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dffc-5cd37a02a4021"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Light.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Thin.woff
52.88.3.188200 OK 56 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Thin.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 55576, version 2.3\012- data
Hash 3a9176172ca0f43f450f1a7c0cebd032
d7f768234141ac4ac661b39b08cdcd528e1fcfd5
851bfc7968130cd0610a19365a0729fe91a97b3a8b4cc924368d361d0df51a10
GET /template/library/fonts/PN-Thin.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: font/woff
content-length: 55576
server: Pagely-ARES/1.10.15
x-gateway-request-id: a6c0c52a4b62248135a2e766ef575e57
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "d918-5cd37a02a6f01"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Thin.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=1ac2f4d7-6fd8-4e27-8803-dab2478f1d20&u_sclid=49f59eeb-fa9e-4b71-a43d-f2c24312a2d6
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=1ac2f4d7-6fd8-4e27-8803-dab2478f1d20&u_sclid=49f59eeb-fa9e-4b71-a43d-f2c24312a2d6
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=1ac2f4d7-6fd8-4e27-8803-dab2478f1d20&u_sclid=49f59eeb-fa9e-4b71-a43d-f2c24312a2d6 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:27 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:27 GMT
access-control-allow-origin: https://www.iccu.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkqL4aB02nMHzvuPoeSJMsd7KjixKmpPW2VQYCd0aACNvCPvwBgnO1SDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
143.204.55.116200 OK 53 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
IP 143.204.55.116:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69ce75610cc6095890e707de58a70cfe
c5b14493f0909758592ba63df58b63bed7a21b6d
57cd46800651071f922837f1b81c23d3053b96510b0066a0557d1f86b08c6051
GET /inc/uploads/2022/11/2022-holiday-rewards-slider.webp HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 53164
date: Fri, 02 Dec 2022 01:38:26 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: ae97bd91c496cdf31037203437364226
last-modified: Mon, 14 Nov 2022 17:39:19 GMT
etag: "cfac-5ed71b81d27a5"
expires: Sat, 31 Dec 2022 11:02:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qvlm2LY1GmNDuFwXQhTimL3YNn_N9jq0PsZ3LTUekMjCcvL4YnopTw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 020a01fc5296b74c1a42fa3daf23bab5
da10e30da593315e2205d666b61f6083dd070ae7
ce75eb8216401a607589078be6885b858fa877849384ccf55e7bacd40aa78c69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:27 GMT
Last-Modified: Fri, 02 Dec 2022 00:26:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.iccu.com/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
52.88.3.188200 OK 212 kB URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
IP 52.88.3.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 212 kB (212509 bytes)
Hash c9678c7f5a377c529e60cd2cec89c609
c972114ff40568ae1a522121d2017430a37482ff
4e0ce6477fa0592b330374eb88b772a98db2639a920785166b8bb87696cf32cc
GET /wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: image/jpeg
content-length: 212509
server: Pagely-ARES/1.10.15
x-gateway-request-id: dfeeaa0dc9283b9227791474d0c447b7
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "33e1d-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/bx_loader.gif
52.88.3.188200 OK 5.6 kB URL HTTP/2 www.iccu.com/template/library/images/bx_loader.gif
IP 52.88.3.188:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 77b8e992a3b89d8f8c6f3018b39152b8
fbf66db9e5e75afa60632543da6145f0781dd872
1781afbfbb64bbf86ab6ed3d0d8fc9755226c8bd76376df95424dc5538d4c4c7
GET /template/library/images/bx_loader.gif HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/jquery.bxslider.css
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:27 GMT
content-type: image/gif
content-length: 5615
server: Pagely-ARES/1.10.15
x-gateway-request-id: e77d27819895c823df43ef962fc280f3
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "15ef-5cd37a02a8e41"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/bx_loader.gif
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_87671.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_87671.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3904a2d72a2f511d5c880e9ee1ecf51c
3d31bba82f4e6465d39158df7bf21aaf737c3383
0b9166ee15325fef2b2014ff8ea844cf5766b7605f566c274048152e8b1cd8f1
GET /i18n/pixel/static/identify_87671.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IKzYDAt8IMoErXXkZJbd7QQI2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221025132316F80FA7E63D4578714882
x-tt-trace-host: 015720010e4cdc282df4fc80cf78bd2dddb7690c595eb6de72e640e5719fc1783fa3a117acf8783861c9b1a0e011382f534f2e840e795a57845c7147ea27ce830a72cd5dec7a946e64d3ac2f92a831f887
content-encoding: gzip
date: Fri, 02 Dec 2022 01:38:27 GMT
content-length: 30897
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
x-akamai-request-id: d9588ab
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e58e3c74633457b92d8458cf2015e021
d667d9c7af11f305a440fa4dc2310c5d1494c5a9
a19277b6621bbc3e93039736b4410674e07ddd8df0de7c2a0e1a1542cfeae403
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97745
Date: Fri, 02 Dec 2022 01:38:27 GMT
Etag: "638822af-1d7"
Expires: Sat, 03 Dec 2022 04:47:32 GMT
Last-Modified: Thu, 01 Dec 2022 03:42:39 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GPnL_sYzYt7qeXREXDK0rlSVbm3gG1D60t0GbCi9BUCfo7Z7GOYqxA==
Age: 3893
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 701
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IKzYDAt8IMoErXXkZJbd7QQI2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202212020138278DA745A0BA09E0CEFEE0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60f0f8705d0913ef2ab3aa01c72e35298f2884189c9971a50617a9c0115f9a7c73458a48711a4a16cc8d8a20fe9b8f34488ed4937d536977c9bdffcba9d4dda24b173f456f6db7afda1a2a0e106a1c886a
x-origin-response-time: 21,23.201.31.173
x-akamai-request-id: bbbcb2dd.d9588b1
expires: Fri, 02 Dec 2022 01:38:27 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Dec 2022 01:38:27 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-201-31-173.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=21, inner; dur=16
x-parent-response-time: 123,23.36.79.28
X-Firefox-Spdy: h2
collector-21348.us.tvsquared.com/tv2track.js
3.22.179.81200 OK 8.5 kB URL HTTP/1.1 collector-21348.us.tvsquared.com/tv2track.js
IP 3.22.179.81:0
File type ASCII text, with very long lines (1162)
Hash 0dfa43ce95b39a456eae5449442aff6e
f5a7a9573c38d97cb3c7d8d811b8b6707a7f2d88
3135834b3c8b03e052d94f9b63cf3f796ff4a3077256dd1daddc16d5c204306a
GET /tv2track.js HTTP/1.1
Host: collector-21348.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 01:38:27 GMT
ETag: "6306051b-2133"
Expires: Fri, 02 Dec 2022 01:48:27 GMT
Last-Modified: Wed, 24 Aug 2022 11:01:47 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 33471d58601290406f7d3694208ec067
630fa936adc8c52c94a0cdcd9747e89e8b42226e
6a787a7ea845d4bf7d3fe6ba199e2b6c3a1687a5d9e244d9a0666f6325da3476
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 01:38:27 GMT
Last-Modified: Fri, 02 Dec 2022 00:52:20 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3ecg5qN8wFlLFoOkZnZFecKo6HZoHXDIOlbx40WpXn1rrvmk17zn7A==
Age: 2767
collector-21348.us.tvsquared.com/tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=565997&h=1&m=38&s=25&url=https%3A%2F%2Fwww.iccu.com%2F&_id=7060eb89c434fe2c&_idts=1669945106&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1709
3.22.179.81200 OK 42 B URL HTTP/1.1 collector-21348.us.tvsquared.com/tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=565997&h=1&m=38&s=25&url=https%3A%2F%2Fwww.iccu.com%2F&_id=7060eb89c434fe2c&_idts=1669945106&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1709
IP 3.22.179.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=565997&h=1&m=38&s=25&url=https%3A%2F%2Fwww.iccu.com%2F&_id=7060eb89c434fe2c&_idts=1669945106&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1709 HTTP/1.1
Host: collector-21348.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 02 Dec 2022 01:38:27 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 689113db-33a1-44d7-9de4-5e65faaf36e1
Server: nginx
Content-Length: 42
Connection: keep-alive
idahoccu.us-1.evergage.com/api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiI1YWZkYmMyNzc5N2ExOWU4In0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiMTgxNzIyMTUyNjQ1ODY2MjIifQ%3D%3D
18.214.34.47200 OK 143 B URL HTTP/2 idahoccu.us-1.evergage.com/api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiI1YWZkYmMyNzc5N2ExOWU4In0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiMTgxNzIyMTUyNjQ1ODY2MjIifQ%3D%3D
IP 18.214.34.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f791ef44b7ea2bcdb250cad27de9cc6
0df4a0f47cb916de7d10f0f8dab6737d754ea2ad
ed01af5d102d93a8c3578b1ea4584a61cdbe5e82b70345865847f8f03f849167
GET /api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiI1YWZkYmMyNzc5N2ExOWU4In0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiMTgxNzIyMTUyNjQ1ODY2MjIifQ%3D%3D HTTP/1.1
Host: idahoccu.us-1.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:27 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=AiFpPTqr67wdahMUpXxNp3bHbFxU/TFRrAeel8rZ/Ryvsc+/EYgZWwQKa1JQ5f3slrfjmeGlD9DmoTcpjlBUmGnbmbOMcMRq6Ky1Q+6zJzMl7HKsancNls46j0P4; Expires=Fri, 09 Dec 2022 01:38:27 GMT; Path=/
AWSALBCORS=AiFpPTqr67wdahMUpXxNp3bHbFxU/TFRrAeel8rZ/Ryvsc+/EYgZWwQKa1JQ5f3slrfjmeGlD9DmoTcpjlBUmGnbmbOMcMRq6Ky1Q+6zJzMl7HKsancNls46j0P4; Expires=Fri, 09 Dec 2022 01:38:27 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.iccu.com
timing-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/10/medicare-AEP-slider.jpg
143.204.55.116200 OK 152 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/10/medicare-AEP-slider.jpg
IP 143.204.55.116:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x800, components 3\012- data
Size 152 kB (152053 bytes)
Hash abb51f9d5700eb19ee344716d0778f19
3299a57a55b08296921c8de478f9c4fbbfd17a9d
cf9aa4915b2c68f7f616fc4fbaf7ff698dffac44952fec27261c4c982760ac1a
GET /inc/uploads/2022/10/medicare-AEP-slider.jpg HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 152053
date: Fri, 02 Dec 2022 01:38:27 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: ce45932931e783bbd2061c24e1e4a536
last-modified: Mon, 17 Oct 2022 16:23:48 GMT
etag: "251f5-5eb3d667e662b"
expires: Sat, 31 Dec 2022 10:15:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/uploads/2022/10/medicare-AEP-slider.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FpZN_v39_nAsxukR8WzLmfWFA9-JJDhrSSUvhztuE7IgE0oPyQ3Ngg==
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
143.204.55.116200 OK 272 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
IP 143.204.55.116:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x800, components 3\012- data
Size 272 kB (272090 bytes)
Hash 5921951f4f56f3ae73a9551ee0fddbb9
86db9e29ca111a03ad9f15ec91b6f913af4d57f9
55c074df6cd717efa5b6eff8d0b9fa65f70808bc7c0dad5a8ccb5b2d874311fd
GET /inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 272090
date: Fri, 02 Dec 2022 01:38:27 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 141ddc101bb9590772e447c4cd408f93
last-modified: Tue, 01 Nov 2022 16:11:30 GMT
etag: "426da-5ec6afa1fda74"
expires: Sat, 31 Dec 2022 11:02:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dD2_cUalEYT-rJOHMKwDK_5-zekcoojCoggDashsSFgZnvbXbfmUtQ==
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/10/north-spokane-slider.webp
143.204.55.116200 OK 300 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/10/north-spokane-slider.webp
IP 143.204.55.116:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 300 kB (299820 bytes)
Hash fb2184ac53d92d6ce52672916086cbcd
20bcbcc4837deaf63b6ed4c5fe0cb163fd813852
593f5b2717cf856e467c04678382a787707d3be5d230a3ae09780bb045c77a10
GET /inc/uploads/2022/10/north-spokane-slider.webp HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 299820
date: Fri, 02 Dec 2022 01:38:27 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 61e46a6750de94d7c17ac8bcff709d41
last-modified: Tue, 25 Oct 2022 21:37:41 GMT
etag: "4932c-5ebe2b7c0356a"
expires: Sat, 31 Dec 2022 08:05:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/uploads/2022/10/north-spokane-slider.webp
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bcUG2ZYVJ_B6Bu9uHns2pl1N4e5QnMaRFLCJ9rMuh1FVbJq8tZtKLA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/922652299/?random=1669945105213&cv=11&fst=1669945105213&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=1734308782.1669945104&rfmt=3&fmt=4
142.250.74.130200 OK 881 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/922652299/?random=1669945105213&cv=11&fst=1669945105213&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=1734308782.1669945104&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1885), with no line terminators
Hash 88f2d93eda11f53b4e6eb845dd834e56
507ccaea34395afc8551031b5cd60a8491d71a2e
39f5250ed01b9c6d204778257de96066f1105c11f08ccbfcea06d90eab434833
GET /pagead/viewthroughconversion/922652299/?random=1669945105213&cv=11&fst=1669945105213&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=1734308782.1669945104&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 01:38:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 881
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 01:53:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 994 B IP 93.184.220.29:0
Hash 574f58676cf0b5029fd618eb07ccd888
0066a63e2c798873bee80f622030b211a007cb1a
f0d899d6cb8090d311302cd9137488aee1ffaa998a6702fc25f02108ca2bfaa6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5379
Cache-Control: max-age=171265
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:12:53 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/gtm/optimize.js?id=GTM-NNR2J8L
216.239.34.178200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-NNR2J8L
IP 216.239.34.178:0
File type ASCII text, with very long lines (1921)
Hash 46c3907c55d27d20a0dc52a52d2463cd
30fcd0eef3336326f307a42c2a10e9f13a1c4850
257de29583870783707105db2a21f886968339a393cbb6d929243bf9f1102fac
GET /gtm/optimize.js?id=GTM-NNR2J8L HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 01:38:28 GMT
expires: Fri, 02 Dec 2022 01:38:28 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash df169ce602a3bb847c575192cb8b744f
be40c6958e00904f9f50d56a729b87270a48d7c7
e47e8fd99a7313873847ce85655117b5b7ba34ddfed7c2900006f3f2be0ae7ee
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11430
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=191C770C0DB766AF08EF65620CE067C1; domain=.bing.com; expires=Wed, 27-Dec-2023 01:38:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D684EC4CEECF40B396F6EA047CA03466 Ref B: OSL30EDGE0309 Ref C: 2022-12-02T01:38:28Z
date: Fri, 02 Dec 2022 01:38:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1949642682.1669945104>m=2oebu0&aip=1&z=1224341389
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1949642682.1669945104>m=2oebu0&aip=1&z=1224341389
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1949642682.1669945104>m=2oebu0&aip=1&z=1224341389 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 01:38:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
172.217.21.170200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 172.217.21.170:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 01:38:28 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.iccu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/apple-icon-touch.png
52.88.3.188200 OK 859 B URL HTTP/2 www.iccu.com/template/library/images/apple-icon-touch.png
IP 52.88.3.188:0
File type PNG image data, 129 x 129, 8-bit colormap, non-interlaced\012- data
Hash 2312274243580ec097982784e78fa4be
774e1cca659c43d7258a876c2c5ee5ad115209b1
03294dd31589f8331a9c6249eba2228e0e049c335a7823466438eaa84e6acde0
GET /template/library/images/apple-icon-touch.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104; _schn=_x5rfyn; _scid=f778c131-78e1-44d1-8b29-b766cfed8dfb; _sfid_4bb8={%22anonymousId%22:%225afdbc27797a19e8%22%2C%22consents%22:[]}; _evga_2114={%22uuid%22:%225afdbc27797a19e8%22}; _tq_id.TV-7281635418-1.6370=7060eb89c434fe2c.1669945106.0.1669945106..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:28 GMT
content-type: image/png
content-length: 859
server: Pagely-ARES/1.10.15
x-gateway-request-id: c84d2399334ed56832f0a47679d80766
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "35b-5cd37a02a7ea1"
expires: Sat, 31 Dec 2022 11:43:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/apple-icon-touch.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.240.1200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0sSgV/fuPEHjY4loZzhAncvY4ot9XIDmxt2T3E6GXY3AUsVUJ0pTTKddqyZx+m+a6yWRp/8Hu5FGz1tvKnGnWA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 01:38:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.iccu.com/template/favicon.png
52.88.3.188200 OK 4.6 kB URL HTTP/2 www.iccu.com/template/favicon.png
IP 52.88.3.188:0
File type PNG image data, 100 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 02f5f86808d0fd3b59a9fcdb88e3ad02
2d849bd67e68f1f0d635bf074584c31d33c78ed8
16a37dc19eb0dcf637799a0c6f93165a0c239ab22073a817e6338cc4eea340ba
GET /template/favicon.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104; _schn=_x5rfyn; _scid=f778c131-78e1-44d1-8b29-b766cfed8dfb; _sfid_4bb8={%22anonymousId%22:%225afdbc27797a19e8%22%2C%22consents%22:[]}; _evga_2114={%22uuid%22:%225afdbc27797a19e8%22}; _tq_id.TV-7281635418-1.6370=7060eb89c434fe2c.1669945106.0.1669945106..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:28 GMT
content-type: image/png
content-length: 4568
server: Pagely-ARES/1.10.15
x-gateway-request-id: 91540f712cda43af86565289781f6728
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "11d8-5cd37a029f201"
expires: Fri, 30 Dec 2022 19:17:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/favicon.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5379
Cache-Control: max-age=171265
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:12:53 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d22bb75c93f3a7f2530223d73086791a
51cf1879c86096d072f67016aeaeb66f6783bbf2
84f349e7c4d24e42e10fb1dece1050a4a1299e3d50d48d854cda4df719fc465e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100277
Date: Fri, 02 Dec 2022 01:38:28 GMT
Etag: "638829ae-1d7"
Expires: Sat, 03 Dec 2022 05:29:46 GMT
Last-Modified: Thu, 01 Dec 2022 04:12:30 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gEPUZOHU-847QUrdPq1u8e8alnNg8tzdK8RU6cR8KuMsBMSmAuPkLw==
Age: 4635
bat.bing.com/action/0?ti=14005490&tm=gtm002&Ver=2&mid=ab7c09d3-c3f9-416f-9ab5-2d976e5f83aa&sid=0432f4f071e211edaddb3f1a78879ebe&vid=0432e7f071e211ed835b9128c9d9e919&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=4201&evt=pageLoad&sv=1&rn=938341
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=14005490&tm=gtm002&Ver=2&mid=ab7c09d3-c3f9-416f-9ab5-2d976e5f83aa&sid=0432f4f071e211edaddb3f1a78879ebe&vid=0432e7f071e211ed835b9128c9d9e919&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=4201&evt=pageLoad&sv=1&rn=938341
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=14005490&tm=gtm002&Ver=2&mid=ab7c09d3-c3f9-416f-9ab5-2d976e5f83aa&sid=0432f4f071e211edaddb3f1a78879ebe&vid=0432e7f071e211ed835b9128c9d9e919&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=4201&evt=pageLoad&sv=1&rn=938341 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=15E50AB1DA3867BF18CB18DFDB6F66BE; domain=.bing.com; expires=Wed, 27-Dec-2023 01:38:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BCA66FD5FA0442159BF11B03FA487130 Ref B: OSL30EDGE0309 Ref C: 2022-12-02T01:38:28Z
date: Fri, 02 Dec 2022 01:38:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:38:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/922652299/?random=1669945105213&cv=11&fst=1669942800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=2009227779&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/922652299/?random=1669945105213&cv=11&fst=1669942800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=2009227779&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/922652299/?random=1669945105213&cv=11&fst=1669942800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=2009227779&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 01:38:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/51qugbww3f
13.107.219.53200 OK 1.3 kB URL HTTP/2 www.clarity.ms/tag/51qugbww3f
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1319), with no line terminators
Hash dc77513228b9e75cf19dfe0414ab0091
af8dd688470afe2516834b52cb3cf3767e692e4c
b3841604a13bc96427b4518f631d024e85a7b3bfbd88a392cc160194625e8a03
GET /tag/51qugbww3f HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=90a57fa43d934733b8a0f653a9e6bdb4.20221202.20231202; expires=Sat, 02 Dec 2023 01:38:28 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-cache: CONFIG_NOCACHE
x-azure-ref: 0FFeJYwAAAAA9dmaQYlYaRJTAWvIqOaGwT1NMMjMxMDUwMjA0MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 02 Dec 2022 01:38:27 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/14005490.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/14005490.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/14005490.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=27A2FF0298A569DA2A24ED6C99F2686C; domain=.bing.com; expires=Wed, 27-Dec-2023 01:38:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42CC576BC60040349B10D5FC427D5EA8 Ref B: OSL30EDGE0309 Ref C: 2022-12-02T01:38:28Z
date: Fri, 02 Dec 2022 01:38:28 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
3.216.203.91200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 3.216.203.91:0
File type ASCII text, with very long lines (16677)
Hash f133f43d762f5d7a843bda0da49e6131
85da5143303952d5eb3025536847dec6c3dd98fa
d92c4c289969429a14f9b79c30adee798765c3f3ba9fa106faba67adaf2c9f12
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Fri, 02 Dec 2022 01:38:28 GMT
Set-Cookie: sa-user-id=s%3A0-3b823b64-6725-4dc7-4105-3c526cee1720.3VwM3Bkpj%2BM53WE8s4TLC0ZE4xjAXK51FOo1okXAv6Q; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AO4I7ZGclTcdBBTxSbO4XIFtaKpo.NLfCXJoiReURRLYR9QX%2Bz%2F3oDvBTzWcJGCOl3EDqhuY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5395
Connection: keep-alive
tags.srv.stackadapt.com/sa.css
3.216.203.91200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 3.216.203.91:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Fri, 02 Dec 2022 01:38:28 GMT
Content-Length: 27
Connection: keep-alive
tags.srv.stackadapt.com/sa.jpeg
3.216.203.91200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 3.216.203.91:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash cf227a017766e1b4d1704cf91fb2f665
18ad4f362ea84bde44ddb4391d3a18170569c4a4
52aa4289a0077fc456684894df50e9d379b27a448c182bc9ac04840e019c2698
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Fri, 02 Dec 2022 01:38:29 GMT
Content-Length: 651
Connection: keep-alive
www.facebook.com/tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107308&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107308&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107308&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 01:38:29 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=398312224211246&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107310&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&exp=a0&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=398312224211246&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107310&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&exp=a0&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=398312224211246&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669945107310&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669945107307.1444799852&it=1669945106616&coo=false&exp=a0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 01:38:29 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=KhbaGbzHQLtL5H0wViBQ3t96hQGKUbQGDkcAT4RkTXw&host=https://www.iccu.com&sa-user-id-v2=s%253AO4I7ZGclTcdBBTxSbO4XIFtaKpo.NLfCXJoiReURRLYR9QX%252Bz%252F3oDvBTzWcJGCOl3EDqhuY&sa-user-id=s%253A0-3b823b64-6725-4dc7-4105-3c526cee1720.3VwM3Bkpj%252BM53WE8s4TLC0ZE4xjAXK51FOo1okXAv6Q
3.216.203.91200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=KhbaGbzHQLtL5H0wViBQ3t96hQGKUbQGDkcAT4RkTXw&host=https://www.iccu.com&sa-user-id-v2=s%253AO4I7ZGclTcdBBTxSbO4XIFtaKpo.NLfCXJoiReURRLYR9QX%252Bz%252F3oDvBTzWcJGCOl3EDqhuY&sa-user-id=s%253A0-3b823b64-6725-4dc7-4105-3c526cee1720.3VwM3Bkpj%252BM53WE8s4TLC0ZE4xjAXK51FOo1okXAv6Q
IP 3.216.203.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 03e193f03f71be34743e8e1838deaede
0f310a13c8ca8b5990e23692651c36fed43c860f
d2670c49e889736cf1400cfa758194e1a3fe5d6e81dba3536baae1f7aab75013
GET /saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=KhbaGbzHQLtL5H0wViBQ3t96hQGKUbQGDkcAT4RkTXw&host=https://www.iccu.com&sa-user-id-v2=s%253AO4I7ZGclTcdBBTxSbO4XIFtaKpo.NLfCXJoiReURRLYR9QX%252Bz%252F3oDvBTzWcJGCOl3EDqhuY&sa-user-id=s%253A0-3b823b64-6725-4dc7-4105-3c526cee1720.3VwM3Bkpj%252BM53WE8s4TLC0ZE4xjAXK51FOo1okXAv6Q HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.iccu.com
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Dec 2022 01:38:29 GMT
Content-Length: 116
Connection: keep-alive
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 735
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.iccu.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 01:38:28 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82826
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.iccu.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 01:38:28 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&RedC=c.clarity.ms&MXFR=025B631AD8806F7700D77174DC80614F
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=025B631AD8806F7700D77174DC80614F; domain=.clarity.ms; expires=Wed, 27-Dec-2023 01:38:30 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 02 Dec 2022 01:38:30 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&RedC=c.clarity.ms&MXFR=025B631AD8806F7700D77174DC80614F
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&RedC=c.clarity.ms&MXFR=025B631AD8806F7700D77174DC80614F
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&RedC=c.clarity.ms&MXFR=025B631AD8806F7700D77174DC80614F HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&MUID=26B081E44EC76FBE31A7938A4F906E3A
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=26B081E44EC76FBE31A7938A4F906E3A; domain=c.bing.com; expires=Wed, 27-Dec-2023 01:38:30 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A157491827E944BF8CC1B84ABEF90655 Ref B: OSL30EDGE0309 Ref C: 2022-12-02T01:38:30Z
date: Fri, 02 Dec 2022 01:38:30 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&MUID=26B081E44EC76FBE31A7938A4F906E3A
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&MUID=26B081E44EC76FBE31A7938A4F906E3A
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=200B9024C1D543D6874D0E34DD749B5C&MUID=26B081E44EC76FBE31A7938A4F906E3A HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 02-Dec-2022 01:48:30 GMT; path=/; SameSite=None; Secure;
date: Fri, 02 Dec 2022 01:38:30 GMT
content-length: 42
X-Firefox-Spdy: h2
iccuauth-pay.com/a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true
176.123.0.55302 Found 516 B URL HTTP/2 iccuauth-pay.com/a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true
IP 176.123.0.55:0
Hash 24f728b0c3a10d8e4ce26994f5baebc6
34fe1388ee6f6ef53aec40bb9bc1e7540743f5ae
06e2a79ae7c0164f3ed41cec573e35fdcd0e29c7af4bf8c55a7aa010d30aec0f
Analyzer Verdict Alert quad9 Sinkholed
GET /a0acfa46d86f7610b2c73dbb28f64701/login.php?user=true HTTP/1.1
Host: iccuauth-pay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 01:38:21 GMT
content-type: text/html; charset=UTF-8
location: https://href.li/?https://iccu.com/
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: nosniff, nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 11568
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vmss.boldchat.com/aid/885055130827083336/bc.vms4/vms.js
52.38.150.246200 OK 18 kB URL HTTP/1.1 vmss.boldchat.com/aid/885055130827083336/bc.vms4/vms.js
IP 52.38.150.246:0
File type ASCII text, with very long lines (53979), with no line terminators
Hash 4113927a177d567c16ad555f70da7004
05998965d6c354e360def5fde9ed26df3158a343
5dea531896ed6c464701c29be8ecb864e2c33427577aa5b8f384f415c5e8150e
GET /aid/885055130827083336/bc.vms4/vms.js HTTP/1.1
Host: vmss.boldchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Origin-Agent-Cluster: ?0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Set-Cookie: bc-visitor-id=0=0; Domain=.boldchat.com; Expires=Sat, 02-Dec-2023 01:38:30 GMT; Path=/; HttpOnly; SameSite=None
Cache-Control: max-age=7200, public
ETag: "4113927A177D567C16AD555F70DA7004"
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Content-Length: 18147
Date: Fri, 02 Dec 2022 01:38:30 GMT
Server: BoldChat/8006
X-Content-Type-Options: nosniff
visitor-services.boldchat.com/visitor-token-service/visitor-token
18.197.58.119200 OK 38 B URL HTTP/2 visitor-services.boldchat.com/visitor-token-service/visitor-token
IP 18.197.58.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3a41aa8012ec9061a026624fc7391419
e169d946c627cb61b4e09c2bb3f08a1936ab542c
c0271fcd0e0bde73e2137326002f6b130aefae2986c4363572681ee540d7f853
GET /visitor-token-service/visitor-token HTTP/1.1
Host: visitor-services.boldchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:31 GMT
content-type: application/json; charset=utf-8
content-length: 38
vary: Origin
access-control-allow-origin: https://www.iccu.com
access-control-allow-credentials: true
set-cookie: bc.visitor_token=7004257459558137856; Path=/; Expires=Sun, 01-Dec-2024 01:38:31 GMT; Domain=.boldchat.com; SameSite=none; Secure; HttpOnly
x-correlation-id: 03d0429d-a142-4d86-9496-71edb462c80a
x-response-time: 0.242967ms
X-Firefox-Spdy: h2
href.li/?https://iccu.com/
192.0.78.26200 OK 0 B URL HTTP/2 href.li/?https://iccu.com/
IP 192.0.78.26:0
GET /?https://iccu.com/ HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:38:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca BYPASS
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/down-arrow.svg
52.88.3.188200 OK 0 B URL HTTP/2 www.iccu.com/template/library/images/down-arrow.svg
IP 52.88.3.188:0
GET /template/library/images/down-arrow.svg HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=s4is5l00040puqmiv6h25oqujj; _gcl_au=1.1.1734308782.1669945104; _ga_37JPF553KD=GS1.1.1669945104.1.0.1669945104.60.0.0; _ga=GA1.1.1949642682.1669945104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:26 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: Pagely-ARES/1.10.15
x-gateway-request-id: df607bae53f884270cae541cb5e535be
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: W/"257-5cd37a02a8e41"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/down-arrow.svg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
content-encoding: gzip
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:38:27 GMT
access-control-allow-origin: https://www.iccu.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.219.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0GweJYwAAAAAjciBFG16sQLPqXhzX0xKAQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0FFeJYwAAAADjZY70NXdQT6kCI1pHxLsQT1NMMjMxMDUwMjA0MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 02 Dec 2022 01:38:27 GMT
X-Firefox-Spdy: h2