iccupay-auth.us/b61705f85f6a5787b3797b783d692360/index.php
176.123.0.55301 Moved Permanently 274 B URL HTTP/1.1 iccupay-auth.us/b61705f85f6a5787b3797b783d692360/index.php
IP 176.123.0.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 816ce0e56a3133e9f46f486c43eb5a05
81a9b944c78c71b5ae83f2abc9607e9e3438c3b0
67d7e3907e592919638b23994d3ba09cbd42d77a8b88df40cbf937c79c0b35cb
Analyzer Verdict Alert fortinet Phishing
GET /b61705f85f6a5787b3797b783d692360/index.php HTTP/1.1
Host: iccupay-auth.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 14:53:19 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 274
Connection: keep-alive
Location: https://iccupay-auth.us/b61705f85f6a5787b3797b783d692360/index.php
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Fri, 02 Dec 2022 19:14:07 GMT
Date: Fri, 02 Dec 2022 14:53:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:22 GMT
Last-Modified: Fri, 02 Dec 2022 13:11:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13663
Expires: Fri, 02 Dec 2022 18:41:05 GMT
Date: Fri, 02 Dec 2022 14:53:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: if2YSmydichcQSeaZv6cRElCRicxjDU696XvpMpx4BPy4jbfGq1YOY8TATqEYo1A3fW4AYlUilc=
x-amz-request-id: 7MMQ6DDY4ZGN2AA3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 14:46:44 GMT
age: 398
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 14:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2110
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 14:53:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9adac0b6cde5e47cd7000dc741e853eb
271af1d472a24de5c08783eceedf82f5d1b29c77
814adbb8da382f7df5e4a4465c92797da7dd816966a7501ce9a3453de22aa1b0
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 14:53:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 20:46:50 GMT
Expires: Thu, 08 Dec 2022 20:46:49 GMT
Etag: "271af1d472a24de5c08783eceedf82f5d1b29c77"
Cache-Control: max-age=539006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7734e449880cb527-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab8df2c6b2eae7d4eb1015cbe70effac
84f9ab922f7ddcaba214a49d4b816f1177239e4a
5124d3c2a1ca1f2e631ddaab0a84b9e3cc4ddfafe13a62e664c01d988468f78b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5124D3C2A1CA1F2E631DDAAB0A84B9E3CC4DDFAFE13A62E664C01D988468F78B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12466
Expires: Fri, 02 Dec 2022 18:21:09 GMT
Date: Fri, 02 Dec 2022 14:53:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 14:11:15 GMT
cache-control: public,max-age=3600
age: 2528
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6077
Cache-Control: max-age=158088
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:23 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:48:11 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.121.129101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LmXcvEft6KcVRlxmMcPP2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mJ6q6hVviRLGRw+iYIZZb6eg2s8=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6c4324523d468214b8a4b6fc3fa25cd5
2b887b36f01f34d237a515424a252b3f94a7c46f
7f314eae819e17de6195b4bb4a6ae8fb4443537cac44c43adf28be225289d519
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F314EAE819E17DE6195B4BB4A6AE8FB4443537CAC44C43ADF28BE225289D519"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 20:53:23 GMT
Date: Fri, 02 Dec 2022 14:53:23 GMT
Connection: keep-alive
iccu.com/
52.88.3.188301 Moved Permanently 162 B IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 14:53:24 GMT
content-type: text/html
content-length: 162
location: https://www.iccu.com/
server: Pagely-ARES/1.10.15
x-gateway-request-id: 46664d510266242aefcf4e532a5f49ea
strict-transport-security: max-age=31536000; includeSubDomains
x-gateway-cache-key: 1669835831.674|standard|https|iccu.com|||/
x-gateway-skip-cache: 1
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14229
Expires: Fri, 02 Dec 2022 18:50:33 GMT
Date: Fri, 02 Dec 2022 14:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14229
Expires: Fri, 02 Dec 2022 18:50:33 GMT
Date: Fri, 02 Dec 2022 14:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14229
Expires: Fri, 02 Dec 2022 18:50:33 GMT
Date: Fri, 02 Dec 2022 14:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14229
Expires: Fri, 02 Dec 2022 18:50:33 GMT
Date: Fri, 02 Dec 2022 14:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14229
Expires: Fri, 02 Dec 2022 18:50:33 GMT
Date: Fri, 02 Dec 2022 14:53:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 34389
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 61070
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 31956
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 61174
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 62317
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 61311
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9017551118f933b99e215c8a4a8cfe15
3c7477adccaaa4deb8e14c69059e7e8b4622a54d
b1f47d3a19df0772e3976ffd2580889d5cefc310c34a94d6284260269b0126f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=129561
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:25 GMT
Etag: "638952a3-1d7"
Expires: Sun, 04 Dec 2022 02:52:46 GMT
Last-Modified: Fri, 02 Dec 2022 01:19:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 446a8eea0b636cb70493156cbc344a37
5790603271e018dacd09684e901c82fc2d7353e0
88d081cba12a34d57d88914802ca6fd7bd8dcb826f6bc1a71af0892e617c1645
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124667
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:25 GMT
Etag: "63895560-1d7"
Expires: Sun, 04 Dec 2022 01:31:12 GMT
Last-Modified: Fri, 02 Dec 2022 01:31:12 GMT
Server: nginx
Content-Length: 471
www.iccu.com/
52.88.3.188200 OK 15 kB IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash e4f2b34b1c75c9b13e682d9086b8c5e2
60ef899e3d1a3fe8a1964aea5593de6a3bb4ab13
3b3473de0a96d56f9ac182d48ff2e32456c9e5ab14338b89123c1a209788caf6
GET / HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/html; charset=UTF-8
content-length: 15139
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2dde8b59cd0dbd138bb9a99cbb28cf01
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pingback: https://www.iccu.com/xmlrpc.php
permissions-policy: geolocation=(self "https://maps.google.com"), encrypted-media=(self "https://*.brightcove.com")
referrer-policy: no-referrer-when-downgrade
link: <https://www.iccu.com/wp-json/>; rel="https://api.w.org/", <https://www.iccu.com/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json", <https://www.iccu.com/>; rel=shortlink
set-cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; path=/
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669913902.242|standard|https|www.iccu.com|||/
x-gateway-cache-status: MISS
x-gateway-skip-cache: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M9ND4W
142.250.74.168200 OK 96 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M9ND4W
IP 142.250.74.168:0
File type ASCII text, with very long lines (43685)
Hash 2da4010217c3f6340d9803b08d71ab8e
b48ab1f63528711e31054d28939b2108199b84e5
8f5933c7f4411db41ef1de2daaaf9f1b9161c0012371d7019f94ea0468036ba3
GET /gtm.js?id=GTM-M9ND4W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 14:53:27 GMT
expires: Fri, 02 Dec 2022 14:53:27 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.iccu.com/lib/css/classic-themes.min.css
52.88.3.188200 OK 189 B URL HTTP/2 www.iccu.com/lib/css/classic-themes.min.css
IP 52.88.3.188:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /lib/css/classic-themes.min.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 189
server: Pagely-ARES/1.10.15
x-gateway-request-id: 0ebe0fec84249929543e7fb64bd02df8
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "d9-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/css/classic-themes.min.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/column-shortcodes//assets/css/shortcodes.css
52.88.3.188301 Moved Permanently 162 B URL HTTP/2 www.iccu.com/modules/column-shortcodes//assets/css/shortcodes.css
IP 52.88.3.188:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /modules/column-shortcodes//assets/css/shortcodes.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/html
content-length: 162
server: Pagely-ARES/1.10.15
x-gateway-request-id: ed6003ce488fdab07b4ddd92ec875810
location: /modules/column-shortcodes/assets/css/shortcodes.css
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/column-shortcodes//assets/css/shortcodes.css
x-gateway-skip-cache: 1
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/icomoon.css
52.88.3.188200 OK 747 B URL HTTP/2 www.iccu.com/template/library/css/icomoon.css
IP 52.88.3.188:0
File type ASCII text, with very long lines (2562), with no line terminators
Hash e3e7094ccb9c273019e356f69ac05f2e
5f9810f3ebbbf73ff5f67c40be4cbd0c38929e4f
24ec1ac810e095b842dee829e01374cfe455bee90adb3a280eb3e501448ce1d4
GET /template/library/css/icomoon.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 747
server: Pagely-ARES/1.10.15
x-gateway-request-id: b55a872e43a4b90dee03ee5393d2320d
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "a02-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/icomoon.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/style.css?ver1_0_2
52.88.3.188200 OK 8.3 kB URL HTTP/2 www.iccu.com/template/library/css/style.css?ver1_0_2
IP 52.88.3.188:0
File type ASCII text, with very long lines (29760)
Hash cba77c25d3e8c23c776784534ef42bce
f3d18ecec2857a9fe63baa5c7be106f65684aac1
4117e1d60e29886aab490eb34021da11f6858aebf8291433dc689439f3199472
GET /template/library/css/style.css?ver1_0_2 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 8314
server: Pagely-ARES/1.10.15
x-gateway-request-id: 918ab868d834f0a1a2832ded154bc404
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "7474-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/style.css?ver1_0_2
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.google.com/maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M
216.58.207.238200 OK 472 B URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M
IP 216.58.207.238:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
GET /maps/api/js?key=AIzaSyABExOv-r9mP-Y-ARK9pWG4lpZahWKHc8M HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 14:53:27 GMT
expires: Fri, 02 Dec 2022 15:23:27 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53536
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/jquery.bxslider.css
52.88.3.188200 OK 811 B URL HTTP/2 www.iccu.com/template/library/css/jquery.bxslider.css
IP 52.88.3.188:0
File type ASCII text, with very long lines (2879), with no line terminators
Hash ca16461f4888b08bf4da689ec7704bd8
e19ec1dcb695797fe8167ad5684ca6d3cd72bfcf
c15ca83818c346b148ac7afd1def026806de8746f0f2b40b0d193398241d2910
GET /template/library/css/jquery.bxslider.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 811
server: Pagely-ARES/1.10.15
x-gateway-request-id: 327637faf9fde6eebb792a2c43b5baca
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "b3f-5cd37a02a01a1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/jquery.bxslider.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
52.88.3.188200 OK 10 kB URL HTTP/2 www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
IP 52.88.3.188:0
File type ASCII text, with very long lines (327)
Hash 94db68ae02c56675d470e23e480fe336
1c018bb2fd01c53679e594d4ecfbc186f346d5ef
6338d7a04cc6cd27e9b4110d86b0c2b6c7cfc070274dcad98efa307d84d22c60
GET /template/library/css/redolive.css?v=2022.4.12.1246 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 10107
server: Pagely-ARES/1.10.15
x-gateway-request-id: bc82e4674cda4a1069eeae423a84989d
last-modified: Tue, 12 Apr 2022 20:50:57 GMT
etag: "c8e7-5dc7b37be5275-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/redolive.css?v=2022.4.12.1246
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.css
52.88.3.188200 OK 1.4 kB URL HTTP/2 www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.css
IP 52.88.3.188:0
Hash c95bca9e0590cf1c2c2c1a5fae0cab66
198825529be8572c83e06d190906ea4a0c0aac21
0fd756899c22f1cb3d83d32627c2b0bcf54212479d8c166a81881b6e39dec75d
GET /template/library/js/libs/fancybox/jquery.fancybox.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: text/css
content-length: 1423
server: Pagely-ARES/1.10.15
x-gateway-request-id: c00457d7e314f4a97b9442c5c96cedb7
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "131f-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/fancybox/jquery.fancybox.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/lib/js/jquery/jquery.min.js
52.88.3.188200 OK 31 kB URL HTTP/2 www.iccu.com/lib/js/jquery/jquery.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
GET /lib/js/jquery/jquery.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: application/javascript
content-length: 30995
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2a9d19d728a3dd9ef541a5504480986b
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "15e54-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/lib/js/jquery/jquery-migrate.min.js
52.88.3.188200 OK 4.2 kB URL HTTP/2 www.iccu.com/lib/js/jquery/jquery-migrate.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /lib/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:27 GMT
content-type: application/javascript
content-length: 4169
server: Pagely-ARES/1.10.15
x-gateway-request-id: cd712b8c9952d495214941b8b129bf48
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "2bd8-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery-migrate.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/modernizr.custom.min.js
52.88.3.188200 OK 6.2 kB URL HTTP/2 www.iccu.com/template/library/js/libs/modernizr.custom.min.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (14558)
Hash 20f3300b8d897519834c9b3ab7eb3672
4f7f3f6fce25d7aceb1d59fedd4f8c34880dfeb5
fa6245f7c4bf9b54001e291567b9fdd7dc4e62e4e88acbfa5853b11289fa9f9d
GET /template/library/js/libs/modernizr.custom.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 6221
server: Pagely-ARES/1.10.15
x-gateway-request-id: 3bcf378d29dfcf5de9424f2a0f04815b
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "3b16-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/modernizr.custom.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/3gj_OJ2r91s
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/3gj_OJ2r91s
IP 142.250.74.131:0
Hash 224d98b12a0f9a8c8bf746b5ce3142ae
17893eb3b8a3a358f31a67186faea0a4d29e6dc7
8d1e640e99e3f90847534de55b34dc33231f9d03958071f2ef4df315c47fead8
POST /s/gts1d4/3gj_OJ2r91s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 82a13927427f5f1c20de25793116a239
3a1ddd437d0a3051bb8fedbcf7ac0099db9f3d63
d539d48a3dd57a61fc70f16ad9ada27fa1fe4ac87ad98c12b388b83e1f5a89bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138056
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "638980fb-1d7"
Expires: Sun, 04 Dec 2022 05:14:24 GMT
Last-Modified: Fri, 02 Dec 2022 04:37:15 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ilqswPtJv6xilLcfCBNNNffaHyfesjvuYUUupuamIdr6qM5lDmFMfw==
Age: 2229
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 82a13927427f5f1c20de25793116a239
3a1ddd437d0a3051bb8fedbcf7ac0099db9f3d63
d539d48a3dd57a61fc70f16ad9ada27fa1fe4ac87ad98c12b388b83e1f5a89bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136519
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "638980fb-1d7"
Expires: Sun, 04 Dec 2022 04:48:47 GMT
Last-Modified: Fri, 02 Dec 2022 04:37:15 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nk1WhGRk35HTCQaFdGNfIdsqm-mg3yWH7lUbLcf0LyX4BChde7XLLA==
Age: 692
cdn.iccu.com/inc/themes/ro-iccu/library/images/green-section-overlay.png
143.204.55.117200 OK 20 kB URL HTTP/2 cdn.iccu.com/inc/themes/ro-iccu/library/images/green-section-overlay.png
IP 143.204.55.117:0
File type PNG image data, 615 x 237, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d79826090d5d93e4f7c7491e1d707d3
4b474ad04bc09d2e126a2f1b28b540ec73c0aeeb
2baab3fdf9a17de4b9c624505d7afc44efc72db4c9ba881b8e1377a3a3ac6b19
GET /inc/themes/ro-iccu/library/images/green-section-overlay.png HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20155
date: Wed, 30 Nov 2022 19:19:37 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: b3f1304bc3623ae48d3ace987bb5136f
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "4ebb-5cd37a02a9de1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/themes/ro-iccu/library/images/green-section-overlay.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dWcIU4AD03EX_6vU5Xs0oi0w-hKq9CG_1c4KryFFQKRLkrhw6-4GnQ==
age: 156831
X-Firefox-Spdy: h2
cdn.iccu.com/inc/env.js?v=2022.10.28.1614
143.204.55.117200 OK 194 B URL HTTP/2 cdn.iccu.com/inc/env.js?v=2022.10.28.1614
IP 143.204.55.117:0
Hash 90ccacfe7eaa1fecd1109f4560a668ba
69952f529ba894ee425a5d03624f6a575965b1e9
559d16f1cf16a250cf0719e4ce987558313e316bbec5830cfdaac8e87f66978f
GET /inc/env.js?v=2022.10.28.1614 HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 194
date: Fri, 02 Dec 2022 01:38:26 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: fa3568456adc87f7f7c00fd90d764c49
last-modified: Fri, 28 Oct 2022 21:54:40 GMT
etag: "131-5ec1f4dfdd898-gzip"
content-encoding: gzip
expires: Sat, 31 Dec 2022 10:40:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/env.js?v=2022.10.28.1614
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rpkUbGbu-lRye-GWGuMd0NOPYLCEDqBo3Sf8n6XTQD5EsWE_cngBaw==
age: 47701
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/jquery.fittext.js
52.88.3.188200 OK 1.2 kB URL HTTP/2 www.iccu.com/template/library/js/jquery.fittext.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (2196), with no line terminators
Hash 686f2646cb2125ded76f2ef7e2445605
84c646ed032b19b87e4a8bc90d6d35ab93c33409
b9ad8028b8f2b959114ba955daf0b10db1298f1452e8e38c8af7a0fdee6bce0c
GET /template/library/js/jquery.fittext.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 1160
server: Pagely-ARES/1.10.15
x-gateway-request-id: 47e2349390ed2040297e09ec32325e05
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "894-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/jquery.fittext.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/scripts.js?v=2022.10.28.1614
52.88.3.188200 OK 4.0 kB URL HTTP/2 www.iccu.com/template/library/js/scripts.js?v=2022.10.28.1614
IP 52.88.3.188:0
File type ASCII text, with very long lines (380)
Hash 1c6cb1276182a249f513883c09acc1be
748b019c0f95cc3a0be49330a5b106df85b58e03
eae4d9afdd0e3e0b2b21d0fcb067578b5d269d0db64524becfed6fa1df659c38
GET /template/library/js/scripts.js?v=2022.10.28.1614 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 3965
server: Pagely-ARES/1.10.15
x-gateway-request-id: baeb7fdc7c22b3c0946487f7b9113f1b
last-modified: Wed, 12 Oct 2022 17:41:07 GMT
etag: "3636-5ead9e5c19469-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/scripts.js?v=2022.10.28.1614
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/jquery.bxslider.min.js
52.88.3.188200 OK 5.2 kB URL HTTP/2 www.iccu.com/template/library/js/jquery.bxslider.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (19040)
Hash f3bb76407c4ed0999771c696cee77648
c2bddad0ff58bbd5eb917a5fc828fd5b829444c0
d305f8cedacf0afc7c21b85b8c1d31060c9daa99997aef4bd05883f1230a17c0
GET /template/library/js/jquery.bxslider.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 5162
server: Pagely-ARES/1.10.15
x-gateway-request-id: 661ec95c65df70cb453fdcd9b60ed709
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "4b9f-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/jquery.bxslider.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.js
52.88.3.188200 OK 14 kB URL HTTP/2 www.iccu.com/template/library/js/libs/fancybox/jquery.fancybox.js
IP 52.88.3.188:0
Hash 711e2ae0ba4411cc4bb74bd9b04807f0
b33f3c310875a4854605c4069742ef4da52e1251
9c8d84c1d9442efa552a20abc517f5b6b66ce92e7edcc66f93b3c8de0474bb31
GET /template/library/js/libs/fancybox/jquery.fancybox.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 13922
server: Pagely-ARES/1.10.15
x-gateway-request-id: 1c0851ff3c70c98d8a69387eeb3f1765
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "be42-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/fancybox/jquery.fancybox.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/iccu-logo.png
52.88.3.188200 OK 7.8 kB URL HTTP/2 www.iccu.com/template/library/images/iccu-logo.png
IP 52.88.3.188:0
File type PNG image data, 190 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash be75cbac6644f4e1ef319a28b0f9f1d6
5ce2570715da934919333d4883e09c8037f6c418
277d5b050c33065d5a7cdb4d4198b57fdaa351eec68bb519db0d769296f79849
GET /template/library/images/iccu-logo.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/png
content-length: 7785
server: Pagely-ARES/1.10.15
x-gateway-request-id: c89ecf725d610b651600de721e20b2de
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "1e69-5cd37a02abd21"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/iccu-logo.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
52.88.3.188200 OK 541 B URL HTTP/2 www.iccu.com/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (1021)
Hash 9ba2f383ea1a378a83af00a4337cbcc6
a10de9935b0ff0277d762bb8a0629fc828726bcd
f76bb0c386ae1d0ff3821e00787611655393c99631c66bc06d4d8d9405fd761f
GET /modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 541
server: Pagely-ARES/1.10.15
x-gateway-request-id: c451ddefed065e6e67bce5b96600150d
last-modified: Sat, 12 Mar 2022 23:17:49 GMT
etag: "636-5da0da7e7ee01-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/libs/gmaps.min.js
52.88.3.188200 OK 8.9 kB URL HTTP/2 www.iccu.com/template/library/js/libs/gmaps.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (31160), with no line terminators
Hash a4c617df82eb36cc9efcb7dd9eace22a
1e9aa8fd7c63e37b4a558a4de3d8d378741eaac9
8308472eb0f1d53b41028b10ae34a2e466d287882020839f915e0798bc36520f
GET /template/library/js/libs/gmaps.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 8917
server: Pagely-ARES/1.10.15
x-gateway-request-id: 12d878957efed2ee9dec9dbe2e6d42ff
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "79b8-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/libs/gmaps.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/branches.js
52.88.3.188200 OK 0 B URL HTTP/2 www.iccu.com/template/library/js/branches.js
IP 52.88.3.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/library/js/branches.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 0
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2856e98632e976ee8aa52178e9df4692
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "0-5cd37a02accc1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/branches.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/lib/js/jquery/jquery.form.min.js
52.88.3.188200 OK 6.0 kB URL HTTP/2 www.iccu.com/lib/js/jquery/jquery.form.min.js
IP 52.88.3.188:0
File type ASCII text, with very long lines (15977), with no line terminators
Hash 7aeeb733430179288e8fc8c304eb76dd
4c5767819308499db85ab40d64c1f06dadd007a8
dd5150b0eb0b9d8f0969f3e47a4c17edcdd613862456c2b4575910e038ff22f5
GET /lib/js/jquery/jquery.form.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 5958
server: Pagely-ARES/1.10.15
x-gateway-request-id: 3037d7026e3e9c9356b1beda74220c73
last-modified: Tue, 15 Nov 2022 21:14:51 GMT
etag: "3e69-5ed88d8baa8c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/lib/js/jquery/jquery.form.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/login.js
52.88.3.188200 OK 472 B URL HTTP/2 www.iccu.com/template/library/js/login.js
IP 52.88.3.188:0
Hash 9b8611198e96f5fe45ea4141cf74e4a6
abc8a4d37a109727fe6acafbe843fcd8ea358072
92d1723bab81567ae2b86a16ad9a8051577ecf7e1742401c8be69c873968e333
GET /template/library/js/login.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 472
server: Pagely-ARES/1.10.15
x-gateway-request-id: c59e85b0c099808c29dafe7c57bc18f9
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "41e-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/login.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/html5shiv.js
52.88.3.188200 OK 1.2 kB URL HTTP/2 www.iccu.com/template/library/js/html5shiv.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (645)
Hash 028192673bfb699f9b0b9adf25f022b7
b8e3276bf7ad1649798595d22b47866259f2b8fe
97cdab837957cde45a7b1f2f30f6926350c2ba423cd35e1a1d20299a149d0f12
GET /template/library/js/html5shiv.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 1248
server: Pagely-ARES/1.10.15
x-gateway-request-id: d724e99b9dd90faaa905f261ffe216c1
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "97c-5cd37a02accc1-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/html5shiv.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/js/respond.min.js
52.88.3.188200 OK 2.2 kB URL HTTP/2 www.iccu.com/template/library/js/respond.min.js
IP 52.88.3.188:0
File type HTML document, ASCII text, with very long lines (4204)
Hash eccf4ce2ff9ef9387cbd68c16098da2c
b1d0936582b0477ce15e3aa9d35b308d191cdf9d
32859d2277095945e7584fdbd93b94417675462a4259d2ab65ca36fcafbb99f2
GET /template/library/js/respond.min.js HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: application/javascript
content-length: 2151
server: Pagely-ARES/1.10.15
x-gateway-request-id: a3ef72f3f4aebbf69b7602b00d75bac8
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "1119-5cd37a02adc61-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/js/respond.min.js
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/modules/column-shortcodes/assets/css/shortcodes.css
52.88.3.188200 OK 694 B URL HTTP/2 www.iccu.com/modules/column-shortcodes/assets/css/shortcodes.css
IP 52.88.3.188:0
File type ASCII text, with CRLF line terminators
Hash 8bcd953dec4e1a00c06f422bf7c092e7
a3dae6ce7633a8144569a8aa6c98d77e9f404d44
c3b8402cec0d8e9306078e352e66e9ff7ea2e895d12f6cc9a8101ad2e4cd9769
GET /modules/column-shortcodes/assets/css/shortcodes.css HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: text/css
content-length: 694
server: Pagely-ARES/1.10.15
x-gateway-request-id: 04c7df4979e96a846735ab0248db7c6a
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "c71-5cd37a0252f3f-gzip"
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/modules/column-shortcodes/assets/css/shortcodes.css
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Regular.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Regular.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57260, version 2.3\012- data
Hash 40a7c5c7e81cedde9cc68d5a26d72552
7d0468c2607f929e3edbcf5e77ed0400b8ca221e
1d54edce75dd642fa65d1d2abf50bdb753117da33b274bba116a626b5839d9c8
GET /template/library/fonts/PN-Regular.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: font/woff
content-length: 57260
server: Pagely-ARES/1.10.15
x-gateway-request-id: 596343e4d0647e2c8d6d3cddc3d15bf0
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dfac-5cd37a02a4021"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Regular.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Fri, 02 Dec 2022 14:53:28 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sat, 03 Dec 2022 13:53:09 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UGtCC8EWweDBH9_-YoHZqaTW_cUTVZvpvQNtUUgcwdkdEFhCu71R0Q==
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/smallGreenHump.png
52.88.3.188200 OK 693 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/smallGreenHump.png
IP 52.88.3.188:0
File type PNG image data, 123 x 26, 8-bit colormap, non-interlaced\012- data
Hash 0a16125594770ba6c98517e8c10cfaa2
fd6d49da706c4af6a0baf6a5c42bd3d5612632b5
9cad4e384c0705fee89906b6f469b12b8f3f8eee558eaf3a914be26556e8d975
GET /wp-content/uploads/2018/04/smallGreenHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/png
content-length: 693
server: Pagely-ARES/1.10.15
x-gateway-request-id: 4bd23cb7ac99b78c4b78bf7fd1423379
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "2b5-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/smallGreenHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/whiteHump.png
52.88.3.188200 OK 928 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/whiteHump.png
IP 52.88.3.188:0
File type PNG image data, 198 x 47, 8-bit colormap, non-interlaced\012- data
Hash 1bb6d4e0f2b639acc42990b53936ef88
53a7c005a77a79e005d1d77d26f262810a6c8f01
963b3ce0f3b28e70452e781c268740099a3a5f1f15373bd44e2ea3b165bb25aa
GET /wp-content/uploads/2018/04/whiteHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/png
content-length: 928
server: Pagely-ARES/1.10.15
x-gateway-request-id: 39dfdd4c82a87919ce5373b8b82bb814
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "3a0-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/whiteHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/greenHump.png
52.88.3.188200 OK 875 B URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/greenHump.png
IP 52.88.3.188:0
File type PNG image data, 198 x 47, 8-bit colormap, non-interlaced\012- data
Hash d273c8f38498e78e39cecdc266f088f4
49f4889a33182d04b5585b59790fe0a2e7cdafcc
5f8b15bcd22a660dd9b43abcceac5a884f40c1b105ec67eeed99053647a2a3eb
GET /wp-content/uploads/2018/04/greenHump.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/png
content-length: 875
server: Pagely-ARES/1.10.15
x-gateway-request-id: 9d8a3e8d4c2e9510a61f0036d99c88b0
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "36b-5cd37a04113e9"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/greenHump.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
52.88.3.188200 OK 212 kB URL HTTP/2 www.iccu.com/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
IP 52.88.3.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 212 kB (212509 bytes)
Hash c9678c7f5a377c529e60cd2cec89c609
c972114ff40568ae1a522121d2017430a37482ff
4e0ce6477fa0592b330374eb88b772a98db2639a920785166b8bb87696cf32cc
GET /wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/jpeg
content-length: 212509
server: Pagely-ARES/1.10.15
x-gateway-request-id: 0fc59b923ca78f40b48024ed05d5aeb4
last-modified: Thu, 30 Sep 2021 14:54:39 GMT
etag: "33e1d-5cd37a0412389"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/wp-content/uploads/2018/04/shutterstock_179752877_reduced_green.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.evgnet.com/beacon/idahoccu/idahoccu/scripts/evergage.min.js
151.101.64.114200 OK 46 kB URL HTTP/2 cdn.evgnet.com/beacon/idahoccu/idahoccu/scripts/evergage.min.js
IP 151.101.64.114:0
File type ASCII text, with very long lines (594)
Hash e243e8ec57e1aa473dc8b94efcd22d21
64cf8734f133cff8ad9f36a28479f3621647b9af
489ace076435a44f46011c23b9d57e193dfd72733d3a18621f358348dab593c0
GET /beacon/idahoccu/idahoccu/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0Wfe2+9DCF07FpZ9JZcbf4WzK/xKdAsGAcRk4UWspOdPvTvLJyy9xSKHFaqGUqzgeOIJdjOROf8=
x-amz-request-id: 49ZQ2TCSRNHRE5QN
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Nov 2022 16:53:47 GMT
etag: "e243e8ec57e1aa473dc8b94efcd22d21"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 3e4eb9a21d26e3905cc09524ae1e62d53ef76672
x-amz-version-id: LCBHMnGE4xwQiSfAyUdMvNIazNvwfJuD
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Dec 2022 14:53:28 GMT
age: 45
x-served-by: cache-iad-kjyo7100059-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1669992809.758417,VS0,VE91
vary: Accept-Encoding
timing-allow-origin: *
content-length: 45931
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba3adf1de8b7fa9ce9c840bf2ba314e0
af62876b885bd23f0d9bf64d09dff1b4142978a4
88d0dcbbecbaf0db4ae60e94f218b4221e9d3a9df5ee2e8f2263bbbc6326917b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5494
Cache-Control: max-age=149234
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "63899fe4-1d7"
Expires: Sun, 04 Dec 2022 08:20:42 GMT
Last-Modified: Fri, 02 Dec 2022 06:49:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.iccu.com/template/library/fonts/PN-Semibold.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Semibold.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57272, version 2.3\012- data
Hash d9b5bcfc35fdb6d396802d77cfd653ab
69aa33f4cf2d06eeb4049ca9c202f835071f2a24
72e4e99a5820302ea169be3ee1d39f75b288258baedf6311cdccc504ff11a079
GET /template/library/fonts/PN-Semibold.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: font/woff
content-length: 57272
server: Pagely-ARES/1.10.15
x-gateway-request-id: 33968a0b492a5c6e42d4a9df70962efa
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dfb8-5cd37a02a4fc1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Semibold.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/css/fonts/icomoon.woff2?nwfys3
52.88.3.188200 OK 15 kB URL HTTP/2 www.iccu.com/template/library/css/fonts/icomoon.woff2?nwfys3
IP 52.88.3.188:0
File type Web Open Font Format (Version 2), TrueType, length 15184, version 1.0\012- data
Hash 375dde6977aa255d1b954f3dda483adc
d750a2a2a78842d60acf520faf8aecfba8a93b3f
b599ea6c6fb82de03e4eee221c06618f8b50c65c28787eba2c8045d7873562f1
GET /template/library/css/fonts/icomoon.woff2?nwfys3 HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/icomoon.css
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: font/woff2
content-length: 15184
server: Pagely-ARES/1.10.15
x-gateway-request-id: a56c45de72225a22538b0ebfe7e15ab8
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "3b50-5cd37a02a01a1"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/css/fonts/icomoon.woff2?nwfys3
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba3adf1de8b7fa9ce9c840bf2ba314e0
af62876b885bd23f0d9bf64d09dff1b4142978a4
88d0dcbbecbaf0db4ae60e94f218b4221e9d3a9df5ee2e8f2263bbbc6326917b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5494
Cache-Control: max-age=149234
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "63899fe4-1d7"
Expires: Sun, 04 Dec 2022 08:20:42 GMT
Last-Modified: Fri, 02 Dec 2022 06:49:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba3adf1de8b7fa9ce9c840bf2ba314e0
af62876b885bd23f0d9bf64d09dff1b4142978a4
88d0dcbbecbaf0db4ae60e94f218b4221e9d3a9df5ee2e8f2263bbbc6326917b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5659
Cache-Control: max-age=149399
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "63899fe4-1d7"
Expires: Sun, 04 Dec 2022 08:23:27 GMT
Last-Modified: Fri, 02 Dec 2022 06:49:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
jelly.mdhv.io/v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=584501614
216.239.32.21307 Temporary Redirect 193 B URL HTTP/2 jelly.mdhv.io/v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=584501614
IP 216.239.32.21:0
File type HTML document, ASCII text
Hash 9ffc1bc6923a889b58ecca6cd0155602
aa7b944f58236739a715888761d46d6ce7254b64
9623e86ad2b2d223435f8ddb22614b6b7f8ec49883667181aa1dc259f0cda75f
GET /v1/star.gif?pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&evt=hi>mcb=584501614 HTTP/1.1
Host: jelly.mdhv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi>mcb=584501614&pid=k68xTQf5KLBLY7g6WVq8X5QX7IFv&src=mh&tx=b197eaa7-d5d8-4f2a-abf0-39bc04d7fd0b
x-cloud-trace-context: 8627ab349dddb5ac41c3ffe1e824e0a9
date: Fri, 02 Dec 2022 14:53:28 GMT
server: Google Frontend
content-length: 193
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=2124001723&_gaz=1&cid=1546443691.1669992807&ul=en-us&sr=1280x1024&_s=1&sid=1669992806&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=2124001723&_gaz=1&cid=1546443691.1669992807&ul=en-us&sr=1280x1024&_s=1&sid=1669992806&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37JPF553KD>m=2oebu0&_p=2124001723&_gaz=1&cid=1546443691.1669992807&ul=en-us&sr=1280x1024&_s=1&sid=1669992806&sct=1&seg=0&dl=https%3A%2F%2Fwww.iccu.com%2F&dt=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.iccu.com
date: Fri, 02 Dec 2022 14:53:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=eb0d6ee1-f350-4e1f-af1c-a4c3b71849fa&u_sclid=6f5fedca-8ba3-49de-97d7-d6713289a9ec
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=eb0d6ee1-f350-4e1f-af1c-a4c3b71849fa&u_sclid=6f5fedca-8ba3-49de-97d7-d6713289a9ec
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=4f35f424-49c8-4fe3-8e39-57f403fa9f72&u_scsid=eb0d6ee1-f350-4e1f-af1c-a4c3b71849fa&u_sclid=6f5fedca-8ba3-49de-97d7-d6713289a9ec HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
access-control-allow-origin: https://www.iccu.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQIKOoOSds7RUcP3tRIlYY22HZ8VnLw04dJV5c5TMTVSSxfY//E4juJTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 7
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1
108.177.14.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1
IP 108.177.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.iccu.com
date: Fri, 02 Dec 2022 14:53:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba3adf1de8b7fa9ce9c840bf2ba314e0
af62876b885bd23f0d9bf64d09dff1b4142978a4
88d0dcbbecbaf0db4ae60e94f218b4221e9d3a9df5ee2e8f2263bbbc6326917b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5494
Cache-Control: max-age=149234
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:28 GMT
Etag: "63899fe4-1d7"
Expires: Sun, 04 Dec 2022 08:20:42 GMT
Last-Modified: Fri, 02 Dec 2022 06:49:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/main.MWZjZmU3YWYyMA.js
95.101.10.128200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWZjZmU3YWYyMA.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21716)
Hash 8458ad0742c3d27ee850e25cda07a7f4
3bf1d2906a26efebef5a0b93deebaa05499154b1
6ddeca66ed8aee6389e7fff8eaacae748b7514f510d498150af43c2cd87955cd
GET /i18n/pixel/static/main.MWZjZmU3YWYyMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IMYEe9XKXEBcfGopk5EBgZCvUf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202212011645193070A82F69D81AFFDCDE
x-tt-trace-host: 01ca4ab5944141049dd91beccec543ea55def027f5422df15d49bbe9049f86006a64301f92620d1a1d6e9dc6c89507aa2a59a337d7673279b1298301e0e8b29bcc032ad09a764aab8d6a30a6bd1c997e77
content-encoding: gzip
content-length: 66533
date: Fri, 02 Dec 2022 14:53:28 GMT
x-cache: TCP_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 51fbf1bc
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Light.woff
52.88.3.188200 OK 57 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Light.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 57340, version 2.3\012- data
Hash 1eb197fea0cd5a6b704c69860aa15c1c
474fe8af6a90f241442804b25a7651c90d102381
4efa8c23eca941196761a29a78e304110e90c893dd2b48ec1a219e7a28c99553
GET /template/library/fonts/PN-Light.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: font/woff
content-length: 57340
server: Pagely-ARES/1.10.15
x-gateway-request-id: f3657ca9bee99cb91bb4ce7c3303a107
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "dffc-5cd37a02a4021"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Light.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/fonts/PN-Thin.woff
52.88.3.188200 OK 56 kB URL HTTP/2 www.iccu.com/template/library/fonts/PN-Thin.woff
IP 52.88.3.188:0
File type Web Open Font Format, CFF, length 55576, version 2.3\012- data
Hash 3a9176172ca0f43f450f1a7c0cebd032
d7f768234141ac4ac661b39b08cdcd528e1fcfd5
851bfc7968130cd0610a19365a0729fe91a97b3a8b4cc924368d361d0df51a10
GET /template/library/fonts/PN-Thin.woff HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: font/woff
content-length: 55576
server: Pagely-ARES/1.10.15
x-gateway-request-id: 0905d29cee6f730eade97819565a1849
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "d918-5cd37a02a6f01"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/fonts/PN-Thin.woff
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/bx_loader.gif
52.88.3.188200 OK 5.6 kB URL HTTP/2 www.iccu.com/template/library/images/bx_loader.gif
IP 52.88.3.188:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 77b8e992a3b89d8f8c6f3018b39152b8
fbf66db9e5e75afa60632543da6145f0781dd872
1781afbfbb64bbf86ab6ed3d0d8fc9755226c8bd76376df95424dc5538d4c4c7
GET /template/library/images/bx_loader.gif HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/jquery.bxslider.css
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/gif
content-length: 5615
server: Pagely-ARES/1.10.15
x-gateway-request-id: dabce3c979edb038e6a690d0b2cfd26e
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "15ef-5cd37a02a8e41"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/bx_loader.gif
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/identify_a7248.js
95.101.10.128200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_a7248.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 456771bfcd005f789dbfad5de8749f70
ea095c615c325edbf7c58b2e42f5364824df1db4
4ee65cef170f3f53f59faa04192040ec97ac6686a82de642e174a9ca92f4a30c
GET /i18n/pixel/static/identify_a7248.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IMYEe9XKXEBcfGopk5EBgZCvUf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202211300604258E56A6F1193C78995BC8
x-tt-trace-host: 01300415901c0624de0b343e214cee4ba5fbccd7fa18c01108901b60df2fcc1fc86469c91f71cf8e7c2cf1ea2e151cba803b4337b5997854659b5910f3f01d4a6e79e3549e097a8d179d9043c6de35a76b
content-encoding: gzip
content-length: 30739
date: Fri, 02 Dec 2022 14:53:29 GMT
x-cache: TCP_MEM_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 51fbf218
X-Firefox-Spdy: h2
www.iccu.com/template/library/images/down-arrow.svg
52.88.3.188200 OK 895 B URL HTTP/2 www.iccu.com/template/library/images/down-arrow.svg
IP 52.88.3.188:0
Hash db7d057624027055361893e92a83f862
448b293b33af78b67dc05f4493b1306400d2c155
02557f060992b5b2be8531949b7b260d8324dab54d9e4739be5c578e26078d43
GET /template/library/images/down-arrow.svg HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/template/library/css/redolive.css?v=2022.4.12.1246
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: Pagely-ARES/1.10.15
x-gateway-request-id: 6789bff62c542ae4d0e217381b86024c
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: W/"257-5cd37a02a8e41"
expires: Fri, 30 Dec 2022 19:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/down-arrow.svg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
content-encoding: gzip
X-Firefox-Spdy: h2
collector-21348.us.tvsquared.com/tv2track.js
3.13.183.0200 OK 8.5 kB URL HTTP/1.1 collector-21348.us.tvsquared.com/tv2track.js
IP 3.13.183.0:0
File type ASCII text, with very long lines (1162)
Hash 0dfa43ce95b39a456eae5449442aff6e
f5a7a9573c38d97cb3c7d8d811b8b6707a7f2d88
3135834b3c8b03e052d94f9b63cf3f796ff4a3077256dd1daddc16d5c204306a
GET /tv2track.js HTTP/1.1
Host: collector-21348.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 14:53:29 GMT
ETag: "6306051b-2133"
Expires: Fri, 02 Dec 2022 15:03:29 GMT
Last-Modified: Wed, 24 Aug 2022 11:01:47 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
href.li/?https://iccu.com/
192.0.78.27200 OK 663 B URL HTTP/2 href.li/?https://iccu.com/
IP 192.0.78.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 75a5db662e034e5ce5eb9f1442a6bd18
c5cf5663411e0d5b42e1de1f726e5426935e4ec7
d0da45a7d85d48558d6e5095d1e61b4b22c21f21cb6077495d91f59307e82e76
GET /?https://iccu.com/ HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 14:53:23 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca BYPASS
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 701
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: _ttp=2IMYEe9XKXEBcfGopk5EBgZCvUf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221202145329C0A3CC312BBC312D890E
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6a2a54c5890960548a8a1e2e0a2153b7985455160de5020121ce9099bc1d0223bf46d26187a30be9342cfb79cb21e5e318bbad17156e0f345b743033b16c1d2c2
expires: Fri, 02 Dec 2022 14:53:29 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Dec 2022 14:53:29 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=9, origin; dur=136
x-origin-response-time: 136,95.101.10.124
x-akamai-request-id: 51fbf237
X-Firefox-Spdy: h2
collector-21348.us.tvsquared.com/tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=274821&h=14&m=53&s=27&url=https%3A%2F%2Fwww.iccu.com%2F&_id=b0aabdcfb486d0c7&_idts=1669992807&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1833
3.13.183.0200 OK 42 B URL HTTP/1.1 collector-21348.us.tvsquared.com/tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=274821&h=14&m=53&s=27&url=https%3A%2F%2Fwww.iccu.com%2F&_id=b0aabdcfb486d0c7&_idts=1669992807&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1833
IP 3.13.183.0:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&idsite=TV-7281635418-1&rec=1&r=274821&h=14&m=53&s=27&url=https%3A%2F%2Fwww.iccu.com%2F&_id=b0aabdcfb486d0c7&_idts=1669992807&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1833 HTTP/1.1
Host: collector-21348.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 02 Dec 2022 14:53:29 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 0ea0c852-4b2b-43f3-85d4-945cabcef030
Server: nginx
Content-Length: 42
Connection: keep-alive
cdn.iccu.com/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
143.204.55.117200 OK 53 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
IP 143.204.55.117:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69ce75610cc6095890e707de58a70cfe
c5b14493f0909758592ba63df58b63bed7a21b6d
57cd46800651071f922837f1b81c23d3053b96510b0066a0557d1f86b08c6051
GET /inc/uploads/2022/11/2022-holiday-rewards-slider.webp HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 53164
date: Fri, 02 Dec 2022 14:53:29 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 15e26ff4441b56ecef486acd534657ba
last-modified: Mon, 14 Nov 2022 17:39:19 GMT
etag: "cfac-5ed71b81d27a5"
expires: Sun, 01 Jan 2023 11:39:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/inc/uploads/2022/11/2022-holiday-rewards-slider.webp
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QpP_5eDsMerkgkuydDOcZpDrmvCtU_-wbVCtIhS4LTBwaiOJ_8eRuw==
X-Firefox-Spdy: h2
idahoccu.us-1.evergage.com/pr?.top=446&action=Homepage&.tt=427&.ttdns=14&.dt=5296&.btdns=12&.bv=16&_ak=idahoccu&_ds=idahoccu&.scv=56&channel=Web&_r=937548&.anonId=31a8a6269513474b&_anon=true
18.214.34.47204 No Content 0 B URL HTTP/2 idahoccu.us-1.evergage.com/pr?.top=446&action=Homepage&.tt=427&.ttdns=14&.dt=5296&.btdns=12&.bv=16&_ak=idahoccu&_ds=idahoccu&.scv=56&channel=Web&_r=937548&.anonId=31a8a6269513474b&_anon=true
IP 18.214.34.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pr?.top=446&action=Homepage&.tt=427&.ttdns=14&.dt=5296&.btdns=12&.bv=16&_ak=idahoccu&_ds=idahoccu&.scv=56&channel=Web&_r=937548&.anonId=31a8a6269513474b&_anon=true HTTP/1.1
Host: idahoccu.us-1.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Cookie: AWSALBCORS=rmk3nfBqJN9itjb3nKKQrb4Iacn4Xg5mTRGmAYOyNpEc/fYYWPxCqZAR65HiOwF0hyfQ7tcCf73/w6t3qpHDvls4O+CHMX9jL8QTC6k++Mk2tXc0IHhNrz+LvBKp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 14:53:29 GMT
set-cookie: AWSALB=ys6eim/CynytGjqKYJoQ2PRIbzK7t4tgINUz48Ss4UzFHY8IXzO9OiEK/589u2mV1W6rPJj+S9z1bnajVdy0XcSeAyiuiWZGvJ9zJ/sSYwE/eUhieNTwiRUoveD7; Expires=Fri, 09 Dec 2022 14:53:29 GMT; Path=/
AWSALBCORS=ys6eim/CynytGjqKYJoQ2PRIbzK7t4tgINUz48Ss4UzFHY8IXzO9OiEK/589u2mV1W6rPJj+S9z1bnajVdy0XcSeAyiuiWZGvJ9zJ/sSYwE/eUhieNTwiRUoveD7; Expires=Fri, 09 Dec 2022 14:53:29 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.iccu.com
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/10/medicare-AEP-slider.jpg
143.204.55.117200 OK 152 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/10/medicare-AEP-slider.jpg
IP 143.204.55.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x800, components 3\012- data
Size 152 kB (152053 bytes)
Hash abb51f9d5700eb19ee344716d0778f19
3299a57a55b08296921c8de478f9c4fbbfd17a9d
cf9aa4915b2c68f7f616fc4fbaf7ff698dffac44952fec27261c4c982760ac1a
GET /inc/uploads/2022/10/medicare-AEP-slider.jpg HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 152053
date: Fri, 02 Dec 2022 14:53:29 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 1534f69fc1caabbd41c67b5110ae63e6
last-modified: Mon, 17 Oct 2022 16:23:48 GMT
etag: "251f5-5eb3d667e662b"
expires: Sun, 01 Jan 2023 11:09:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/inc/uploads/2022/10/medicare-AEP-slider.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HevF_TYN2DDYXGwV2lgHdD0wh9ajYIVemxpTPxCy8G7D7lufKCU_Ug==
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
143.204.55.117200 OK 272 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
IP 143.204.55.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x800, components 3\012- data
Size 272 kB (272090 bytes)
Hash 5921951f4f56f3ae73a9551ee0fddbb9
86db9e29ca111a03ad9f15ec91b6f913af4d57f9
55c074df6cd717efa5b6eff8d0b9fa65f70808bc7c0dad5a8ccb5b2d874311fd
GET /inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 272090
date: Fri, 02 Dec 2022 14:53:29 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: 89d3bb59c2ff4cd91095cef91fa159b1
last-modified: Tue, 01 Nov 2022 16:11:30 GMT
etag: "426da-5ec6afa1fda74"
expires: Sun, 01 Jan 2023 09:23:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.67||https|www.iccu.com|||/inc/uploads/2022/11/nov-dec-new-member-2022-slider.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UZ-sjyYcB95AD3CZKN11LTn58HKtMLf9HoiQarWI0kAXjzmzIpgJXQ==
X-Firefox-Spdy: h2
cdn.iccu.com/inc/uploads/2022/10/north-spokane-slider.webp
143.204.55.117200 OK 300 kB URL HTTP/2 cdn.iccu.com/inc/uploads/2022/10/north-spokane-slider.webp
IP 143.204.55.117:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 300 kB (299820 bytes)
Hash fb2184ac53d92d6ce52672916086cbcd
20bcbcc4837deaf63b6ed4c5fe0cb163fd813852
593f5b2717cf856e467c04678382a787707d3be5d230a3ae09780bb045c77a10
GET /inc/uploads/2022/10/north-spokane-slider.webp HTTP/1.1
Host: cdn.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 299820
date: Fri, 02 Dec 2022 14:53:29 GMT
server: Pagely-ARES/1.10.15
x-gateway-request-id: b8f3dccae52389fc64b4ec49507a44ab
last-modified: Tue, 25 Oct 2022 21:37:41 GMT
etag: "4932c-5ebe2b7c0356a"
expires: Sun, 01 Jan 2023 10:51:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/inc/uploads/2022/10/north-spokane-slider.webp
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R1p5UAzU7KSwcDW7-aePzzkC1fPEOqsTQxe-NrGUN-ZNyCy6ewN3NQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 958 B IP 93.184.220.29:0
Hash 888c4ca4979b42a0b010f719747574e8
51c3769ac0b5f8410346416b21e6d99c3e06f249
2eeed66082db7cf24b99230f76eceaa6aafec22e148cee49a42fb9ec912135b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5453
Cache-Control: max-age=123638
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:29 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:14:07 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=0CD83C738FA26E44144E2E1D8E576FDF; domain=.bing.com; expires=Wed, 27-Dec-2023 14:53:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 481BDF3951AA4F23813EDAA8D8A923FA Ref B: OSL30EDGE0219 Ref C: 2022-12-02T14:53:29Z
date: Fri, 02 Dec 2022 14:53:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/922652299/?random=1669992806878&cv=11&fst=1669992806878&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=297729671.1669992806&rfmt=3&fmt=4
142.250.74.98200 OK 883 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/922652299/?random=1669992806878&cv=11&fst=1669992806878&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=297729671.1669992806&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (1885), with no line terminators
Hash e0044d51ada2e8535d8dd7a14fec7fc4
12de450318dcb17f2a66a519af7d7ca406e59dec
0116417644125960409358e060b861041baa26e5bcea978bcbf682291c71ef1f
GET /pagead/viewthroughconversion/922652299/?random=1669992806878&cv=11&fst=1669992806878&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&auid=297729671.1669992806&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 14:53:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 883
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 15:08:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=GTM-NNR2J8L
216.239.34.178200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-NNR2J8L
IP 216.239.34.178:0
File type ASCII text, with very long lines (1921)
Hash 46c3907c55d27d20a0dc52a52d2463cd
30fcd0eef3336326f307a42c2a10e9f13a1c4850
257de29583870783707105db2a21f886968339a393cbb6d929243bf9f1102fac
GET /gtm/optimize.js?id=GTM-NNR2J8L HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 14:53:29 GMT
expires: Fri, 02 Dec 2022 14:53:29 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: OjezHZ2m9PL+6iXxjO2PpImzWHrIrWEcgRWwGen8xekMidfxbYLeCJPNFGIMTUdxEA03lEq+F2dEzGM/tZuw4A==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 14:53:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1&z=1200101046
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1&z=1200101046
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37JPF553KD&cid=1546443691.1669992807>m=2oebu0&aip=1&z=1200101046 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 14:53:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5602
Cache-Control: max-age=123786
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:30 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:16:36 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.10200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.10:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 14:53:30 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.iccu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.iccu.com/template/library/images/apple-icon-touch.png
52.88.3.188200 OK 859 B URL HTTP/2 www.iccu.com/template/library/images/apple-icon-touch.png
IP 52.88.3.188:0
File type PNG image data, 129 x 129, 8-bit colormap, non-interlaced\012- data
Hash 2312274243580ec097982784e78fa4be
774e1cca659c43d7258a876c2c5ee5ad115209b1
03294dd31589f8331a9c6249eba2228e0e049c335a7823466438eaa84e6acde0
GET /template/library/images/apple-icon-touch.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807; _schn=_tyquce; _scid=de4e1779-1698-4021-87ba-a3cf7258f8dc; _sfid_4bb8={%22anonymousId%22:%2231a8a6269513474b%22%2C%22consents%22:[]}; _evga_2114={%22uuid%22:%2231a8a6269513474b%22}; _tq_id.TV-7281635418-1.6370=b0aabdcfb486d0c7.1669992807.0.1669992807..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:29 GMT
content-type: image/png
content-length: 859
server: Pagely-ARES/1.10.15
x-gateway-request-id: 29ca0106bb508d51c506b47e792e58d3
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "35b-5cd37a02a7ea1"
expires: Sun, 01 Jan 2023 11:54:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/library/images/apple-icon-touch.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.iccu.com/template/favicon.png
52.88.3.188200 OK 4.6 kB URL HTTP/2 www.iccu.com/template/favicon.png
IP 52.88.3.188:0
File type PNG image data, 100 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 02f5f86808d0fd3b59a9fcdb88e3ad02
2d849bd67e68f1f0d635bf074584c31d33c78ed8
16a37dc19eb0dcf637799a0c6f93165a0c239ab22073a817e6338cc4eea340ba
GET /template/favicon.png HTTP/1.1
Host: www.iccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.iccu.com/
Connection: keep-alive
Cookie: PHPSESSID=9kfq4ipceidp8bdl9vco0br69r; _gcl_au=1.1.297729671.1669992806; _ga_37JPF553KD=GS1.1.1669992806.1.0.1669992806.60.0.0; _ga=GA1.1.1546443691.1669992807; _schn=_tyquce; _scid=de4e1779-1698-4021-87ba-a3cf7258f8dc; _sfid_4bb8={%22anonymousId%22:%2231a8a6269513474b%22%2C%22consents%22:[]}; _evga_2114={%22uuid%22:%2231a8a6269513474b%22}; _tq_id.TV-7281635418-1.6370=b0aabdcfb486d0c7.1669992807.0.1669992807..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:29 GMT
content-type: image/png
content-length: 4568
server: Pagely-ARES/1.10.15
x-gateway-request-id: a70843377d8b107db5eebeb0078ea504
last-modified: Thu, 30 Sep 2021 14:54:37 GMT
etag: "11d8-5cd37a029f201"
expires: Fri, 30 Dec 2022 19:17:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-gateway-cache-key: 1669835831.674||https|www.iccu.com|||/template/favicon.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash d209d98d37ccf7f59237441db55fc9df
0e86976b9ab83423f42f26fbfcd0a93741c39fad
3794d17f01c38cf55d806b50038b4266962fe9cb36da1a943d7a30dad4395a42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140486
Date: Fri, 02 Dec 2022 14:53:30 GMT
Etag: "63897b39-1d7"
Expires: Sun, 04 Dec 2022 05:54:56 GMT
Last-Modified: Fri, 02 Dec 2022 04:12:41 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fKcl-f_w2Acwuj1OktW2xlng6jnjwWHpvlfRVaQ_457njwOI9IXyBw==
Age: 6135
bat.bing.com/action/0?ti=14005490&tm=gtm002&Ver=2&mid=a17f9db0-1464-4a74-8f6f-1765e2457aa7&sid=149cc8d0725111ed947a675a9f75f418&vid=149ce040725111eda6bbff2c0137dbf1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=5296&evt=pageLoad&sv=1&rn=224814
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=14005490&tm=gtm002&Ver=2&mid=a17f9db0-1464-4a74-8f6f-1765e2457aa7&sid=149cc8d0725111ed947a675a9f75f418&vid=149ce040725111eda6bbff2c0137dbf1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=5296&evt=pageLoad&sv=1&rn=224814
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=14005490&tm=gtm002&Ver=2&mid=a17f9db0-1464-4a74-8f6f-1765e2457aa7&sid=149cc8d0725111ed947a675a9f75f418&vid=149ce040725111eda6bbff2c0137dbf1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&p=https%3A%2F%2Fwww.iccu.com%2F&r=<=5296&evt=pageLoad&sv=1&rn=224814 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3D06D9817EC066E71613CBEF7F356738; domain=.bing.com; expires=Wed, 27-Dec-2023 14:53:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C82E8893816444DAFF04F2C1D1D59B9 Ref B: OSL30EDGE0219 Ref C: 2022-12-02T14:53:30Z
date: Fri, 02 Dec 2022 14:53:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 14:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/922652299/?random=1669992806878&cv=11&fst=1669989600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=1900199933&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/922652299/?random=1669992806878&cv=11&fst=1669989600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=1900199933&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/922652299/?random=1669992806878&cv=11&fst=1669989600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.iccu.com%2F&tiba=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&fmt=3&is_vtc=1&random=1900199933&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 14:53:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/14005490.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/14005490.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/14005490.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3561B48149E669D61DC9A6EF48136856; domain=.bing.com; expires=Wed, 27-Dec-2023 14:53:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A011E26958B4DE7862244B06E310E94 Ref B: OSL30EDGE0219 Ref C: 2022-12-02T14:53:30Z
date: Fri, 02 Dec 2022 14:53:29 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
34.238.229.64200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 34.238.229.64:0
File type ASCII text, with very long lines (16677)
Hash f8514c016abb7bd90963e8394556768f
a2d55fd548d19224f35d14a190aceb6bac7c7e31
516f53f4182502cd52998a3778e48a6a002853ed2d42ba84d747d3abfc726f6e
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Fri, 02 Dec 2022 14:53:30 GMT
Set-Cookie: sa-user-id=s%3A0-8a7b2660-3613-4111-6326-aab20b45088f.6Ew6ZBKuz2IMMTwjo9lKnZIULnxnFW0O83gZn%2BIFs3w; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AinsmYDYTQRFjJqqyC0UIj1taKpo.EiUqNxlwwvw1HWXClGjHNJVgv31MP3xzA9J11CZ60iY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5384
Connection: keep-alive
tags.srv.stackadapt.com/sa.css
34.238.229.64200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 34.238.229.64:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Fri, 02 Dec 2022 14:53:30 GMT
Content-Length: 27
Connection: keep-alive
tr.snapchat.com/collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com
35.190.43.134200 OK 143 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com
IP 35.190.43.134:0
Hash 135c2eb221f961b7141d3ef4c9cc39ca
8f32193f4916fca93c9dffdb849a3eb0cc3a8c8f
83bd8c38731c4a9bda48a001ad4e77829fabc74274e8ba145d95e078b7914494
GET /collector/is_enabled?pids=4f35f424-49c8-4fe3-8e39-57f403fa9f72&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:28 GMT
access-control-allow-origin: https://www.iccu.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
34.238.229.64200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 34.238.229.64:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 3e51eaeb23182f34abe5754e5609f171
69311dffe80e16248ae6438ea594fd7ebcf99937
003d6bf5ca635bba6af6a81186ee7fe3016814ca3e3f7d81d6cac3f682ab5098
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Fri, 02 Dec 2022 14:53:30 GMT
Content-Length: 651
Connection: keep-alive
www.facebook.com/tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669992809041&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669992809040.1658647186&it=1669992808263&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669992809041&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669992809040.1658647186&it=1669992808263&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 7bf710cd8dba79f07242ae351c3d6b42
71ce343d8dd01df8acc9bb34b1512f79e6f45df8
5d5a2c7554984936283240c81bcd23eeaa218b32d5fa42236f068d1ac6fd53c0
GET /tr/?id=1599075523726654&ev=PageView&dl=https%3A%2F%2Fwww.iccu.com%2F&rl=&if=false&ts=1669992809041&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669992809040.1658647186&it=1669992808263&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 14:53:30 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/51qugbww3f
13.107.227.53200 OK 1.3 kB URL HTTP/2 www.clarity.ms/tag/51qugbww3f
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1316), with no line terminators
Hash 51dc79237fb4904e1d845c23fbcda9c1
d143c795f9cc14e859238dba944a79c1fc74a6d8
39fcdab57bf1c91d0595077c91e2a5a60ef29fde634f519611fc0fa93207f4f0
GET /tag/51qugbww3f HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=90c2947802194384992d7d660537f0a1.20221202.20231202; expires=Sat, 02 Dec 2023 14:53:30 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0aRGKYwAAAAC1WPi4In7yTI6/Mv41VTz7T1NMMjMxMDUwMjA0MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 02 Dec 2022 14:53:29 GMT
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=qi514n-IwjgudJuw24jReUYpQYvcE9rppReH8lm6jiM&host=https://www.iccu.com&sa-user-id-v2=s%253AinsmYDYTQRFjJqqyC0UIj1taKpo.EiUqNxlwwvw1HWXClGjHNJVgv31MP3xzA9J11CZ60iY&sa-user-id=s%253A0-8a7b2660-3613-4111-6326-aab20b45088f.6Ew6ZBKuz2IMMTwjo9lKnZIULnxnFW0O83gZn%252BIFs3w
34.238.229.64200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=qi514n-IwjgudJuw24jReUYpQYvcE9rppReH8lm6jiM&host=https://www.iccu.com&sa-user-id-v2=s%253AinsmYDYTQRFjJqqyC0UIj1taKpo.EiUqNxlwwvw1HWXClGjHNJVgv31MP3xzA9J11CZ60iY&sa-user-id=s%253A0-8a7b2660-3613-4111-6326-aab20b45088f.6Ew6ZBKuz2IMMTwjo9lKnZIULnxnFW0O83gZn%252BIFs3w
IP 34.238.229.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 03e193f03f71be34743e8e1838deaede
0f310a13c8ca8b5990e23692651c36fed43c860f
d2670c49e889736cf1400cfa758194e1a3fe5d6e81dba3536baae1f7aab75013
GET /saq_pxl?uid=SkL_wkqmNrMxibbUXomuNA&is_js=true&landing_url=https%3A%2F%2Fwww.iccu.com%2F&t=Idaho%20Central%20Credit%20Union%20%7C%20Idaho%27s%20Premier%20Credit%20Union&tip=qi514n-IwjgudJuw24jReUYpQYvcE9rppReH8lm6jiM&host=https://www.iccu.com&sa-user-id-v2=s%253AinsmYDYTQRFjJqqyC0UIj1taKpo.EiUqNxlwwvw1HWXClGjHNJVgv31MP3xzA9J11CZ60iY&sa-user-id=s%253A0-8a7b2660-3613-4111-6326-aab20b45088f.6Ew6ZBKuz2IMMTwjo9lKnZIULnxnFW0O83gZn%252BIFs3w HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.iccu.com
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Dec 2022 14:53:30 GMT
Content-Length: 116
Connection: keep-alive
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 733
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.iccu.com
access-control-allow-credentials: true
date: Fri, 02 Dec 2022 14:53:30 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 14534
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iccupay-auth.us/b61705f85f6a5787b3797b783d692360/index.php
176.123.0.55302 Found 0 B URL HTTP/2 iccupay-auth.us/b61705f85f6a5787b3797b783d692360/index.php
IP 176.123.0.55:0
Analyzer Verdict Alert fortinet Phishing
GET /b61705f85f6a5787b3797b783d692360/index.php HTTP/1.1
Host: iccupay-auth.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 14:53:20 GMT
content-type: text/html; charset=UTF-8
location: https://href.li/?https://iccu.com/
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: nosniff, nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
idahoccu.us-1.evergage.com/api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiIzMWE4YTYyNjk1MTM0NzRiIn0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiNjQ2MTA2ODU3NjE4MjU3MSJ9
18.214.34.47200 OK 0 B URL HTTP/2 idahoccu.us-1.evergage.com/api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiIzMWE4YTYyNjk1MTM0NzRiIn0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiNjQ2MTA2ODU3NjE4MjU3MSJ9
IP 18.214.34.47:0
GET /api2/event/idahoccu?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6IkhvbWVwYWdlIiwiY29udGVudFpvbmVzIjpbIkhvbWVQYWdlIEhlcm8iLCJMYXRlc3RQb3N0Il0sInVybCI6Imh0dHBzOi8vd3d3LmljY3UuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiNTYifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiIzMWE4YTYyNjk1MTM0NzRiIn0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiNjQ2MTA2ODU3NjE4MjU3MSJ9 HTTP/1.1
Host: idahoccu.us-1.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.iccu.com
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 14:53:29 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=rmk3nfBqJN9itjb3nKKQrb4Iacn4Xg5mTRGmAYOyNpEc/fYYWPxCqZAR65HiOwF0hyfQ7tcCf73/w6t3qpHDvls4O+CHMX9jL8QTC6k++Mk2tXc0IHhNrz+LvBKp; Expires=Fri, 09 Dec 2022 14:53:29 GMT; Path=/
AWSALBCORS=rmk3nfBqJN9itjb3nKKQrb4Iacn4Xg5mTRGmAYOyNpEc/fYYWPxCqZAR65HiOwF0hyfQ7tcCf73/w6t3qpHDvls4O+CHMX9jL8QTC6k++Mk2tXc0IHhNrz+LvBKp; Expires=Fri, 09 Dec 2022 14:53:29 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.iccu.com
timing-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.227.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.iccu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0GweJYwAAAAAjciBFG16sQLPqXhzX0xKAQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0ahGKYwAAAAB7EUDUnuq3Qp36SdS/EwUyT1NMMjMxMDUwMjA0MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 02 Dec 2022 14:53:29 GMT
X-Firefox-Spdy: h2