icsbijwerken.xyz Open in urlscan Pro
172.67.201.191 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://api.channel.io/front/v7/one-time-msgs/475512/users/674764ce9b7712cb5438/click?url=https%3A%2F%2Ficsbijwerken.xy...
Effective URL:
https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT
Submission: On November 27 via manual (November 27th 2024, 8:31:33 pm UTC) from NL — Scanned from NL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 30 HTTP transactions. The main IP is 172.67.201.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is icsbijwerken.xyz.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.

This is the only time icsbijwerken.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: International Card Services (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	43.202.85.49 43.202.85.49	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3036::ac43:c9bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	172.67.201.191 172.67.201.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
30	7

1 43.202.85.49 (Incheon, Korea, Republic Of) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-43-202-85-49.ap-northeast-2.compute.amazonaws.com

api.channel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:c9bf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

icsbijwerken.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.201.191 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

icsbijwerken.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	icsbijwerken.xyz 3 redirects icsbijwerken.xyz	51 KB
5	gstatic.com fonts.gstatic.com	59 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	76 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	82 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	19 KB
1	channel.io 1 redirects api.channel.io — Cisco Umbrella Rank: 130485	401 B
0	elzzpanel.info Failed elzzpanel.info Failed
30	8

	Domain	Requested by
18	icsbijwerken.xyz	3 redirects icsbijwerken.xyz code.jquery.com
5	fonts.gstatic.com	fonts.googleapis.com
3	cdn.jsdelivr.net	icsbijwerken.xyz
2	fonts.googleapis.com	icsbijwerken.xyz
1	code.jquery.com	icsbijwerken.xyz
1	cdnjs.cloudflare.com	icsbijwerken.xyz
1	api.channel.io	1 redirects
0	elzzpanel.info Failed	icsbijwerken.xyz
30	8

This site contains no links.

Subject Issuer	Validity	Valid
icsbijwerken.xyz WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT
Frame ID: 37A0439BA2DA8D9708F6A6E93192E442
Requests: 28 HTTP requests in this frame

Frame: https://icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 9F5081D114D59ED93BDA0F698CE051F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inloggen - Mijn ICS | International Card Services

Page URL History Show full URLs

https://api.channel.io/front/v7/one-time-msgs/475512/users/674764ce9b7712cb5438/click?url=https%3A%... HTTP 307
https://icsbijwerken.xyz/ HTTP 302
https://icsbijwerken.xyz/DUVzTTavlOw/?redirection=login HTTP 302
https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

30
Requests

87 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

289 kB
Transfer

1017 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://api.channel.io/front/v7/one-time-msgs/475512/users/674764ce9b7712cb5438/click?url=https%3A%2F%2Ficsbijwerken.xyz%2F HTTP 307
https://icsbijwerken.xyz/ HTTP 302
https://icsbijwerken.xyz/DUVzTTavlOw/?redirection=login HTTP 302
https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://icsbijwerken.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request sR8fHYp9jry9WBQBnmNG1MpT Show response
icsbijwerken.xyz/DUVzTTavlOw/
Redirect Chain

https://api.channel.io/front/v7/one-time-msgs/475512/users/674764ce9b7712cb5438/click?url=https%3A%2F%2Ficsbijwerken.xyz%2F
https://icsbijwerken.xyz/
https://icsbijwerken.xyz/DUVzTTavlOw/?redirection=login
https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

56 KB
18 KB

2428ms
2428ms

Document
text/html

172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.14 PleskLin
Resource Hash: db70ed694fc426453059ea6b6125c01b27abb37f85d09493f1c59926dd02fe84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e94e1c10a7c660a-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 27 Nov 2024 20:31:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UeIsRoTUvRODm3NlDzMozOZoJsmRZQxMDC2gxwKfxbbxzi28MpoShxpaJRZL8U0Yu%2BVljwHkQsx5DbePxBn72jScd1OuZH082wqjZK7IdFuydCFDrOLWlslXFA6O%2FPw3OjH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17118&min_rtt=14645&rtt_var=6717&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4251&recv_bytes=4513&delivery_rate=885&cwnd=12000&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2481&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.3.14 PleskLin

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e94e1c088d5b93f-AMS
content-type: text/html; charset=UTF-8
date: Wed, 27 Nov 2024 20:31:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: sR8fHYp9jry9WBQBnmNG1MpT?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNL5wLTJth89%2BmzTEAeV2%2BTlCia7zsbRNHBnhGu0EHnOuMZKSbJId1P0vB8kaNjVmaI2uj%2BqKVsyBtjU9VPFG5M4iHGwixxEYm2oL%2FRJAxtPsxJ6xG0nW7U9Vx0Gz6rudhOLVAkhPz%2FRszFlJ1PQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=19341&min_rtt=14882&rtt_var=6097&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4785&recv_bytes=2425&delivery_rate=218767&cwnd=255&unsent_bytes=0&cid=bcdfd30f4ed3e26b&ts=517&x=0"
x-powered-by: PHP/8.3.14 PleskLin

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ 227 KB
35 KB 71ms
27ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
age: 1615307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9JJlXud5R8ajXkIXAa3JpyMmmNxrE6%2FgBOakzNGWNAzQzOrGtbHzdX1K0Wt7pg7cQhTi1fEtyLHGM2n29EKVdwQoOR7QPwBJ0ZoV6%2B7wli%2BaCsMyM3sO5eKbk7I5Eiytv7GGNR7cXGxG6UcrQ4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230044-FRA, cache-lga21933-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e94e1d09a209f5a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34728
server: cloudflare
x-jsd-version: 5.3.1

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 48ms
27ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6421d693-4940"
age: 6431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdKxFpRUD9REvAnr5M7arkr7ZKXfXmNL1pHNBXF31WLEPP8MHqaCaxtnZDI2BN4jP64suVh%2BKRFNAySUx4pO8OE47piYnAuuYyg1IVsmOLGnoMbv21CWEWq50L02KNtV73Dyg6cL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 20:31:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e94e1d07e560b3c-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18752
server: cloudflare

GET
H2 200 remixicon.css
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/ 120 KB
16 KB 79ms
36ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1e1f5-48QJs2Ev7WXpvZWlpyTMbKw/aZY"
age: 2549479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2aJ1GYXjap738n0FQHWfYSQTTqzfOXxvL5ZH9gQ%2BA1QC3FatbWLZr1yYzp7Qq2PVmsysvnXV8rh4Dj7gjA5%2F0FEGOk4M%2BaELbjeoeX5Jwamsr1YR3NtxlHOGvkaW3Sp1Mh3%2BfqurENFiMYLkuQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220074-FRA, cache-lga21952-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e94e1d09a249f5a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16438
server: cloudflare
x-jsd-version: 3.5.0

GET
H3 200 style.css
icsbijwerken.xyz/DUVzTTavlOw//media/css/ 30 KB
4 KB 61ms
60ms Stylesheet
text/css 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/css/style.css
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ad08352002623ab53be09d31a2dc442871cfd818fbfb9b4d51ba326523c29642

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6634e7d6-77ea"
age: 1369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4K23C1xKl5G1q88HA343cVmy78UODHakFEp4cKtGS1NvCJMqks0x2XcUuUyjWp9BR4PipNX47Yy2tOSTd2Beraox%2BmeeOZ6DPpSOeBEdl%2F662AB7AMZFkqVJzlSuu%2B3%2FObe"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=49&recv=26&lost=0&retrans=0&sent_bytes=41208&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2564&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css
last-modified: Fri, 03 May 2024 13:34:14 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e94e1d05e7f660a-AMS
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 bars.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 257 B
941 B 51ms
50ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/bars.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fa29afbf0b37680bb9ec1fbd3404e422e4dc8cef44e94d4bb81197ed06dbb3b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "101-6178cc6892180"
age: 1369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XK2wbd26E5xLDe3PNm0SlQDD6pDuCh7wIwx%2FLx76QXMYHTDkW0ECFQgMydSGKCvAZyN8Lcsg4O9pNDmOC02RXNVmsmXBnQxJYC%2FwVK9X44%2FM%2BTtvivVeiPZjxHUek3GJUFh2"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=34&recv=26&lost=0&retrans=0&sent_bytes=25108&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2557&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 13:34:14 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8e94e1d05e80660a-AMS
accept-ranges: bytes
content-length: 257
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 icon-show.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 357 B
1 KB 44ms
43ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/icon-show.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f364ec0ca78a21aee2a4c598d0203e52a722be5439f861901cb2c43bed7a17a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "165-6178cc6892180"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yc8TRJtejngkPdkJIGEMO%2FYVHbxvguP8pukCZk297%2Fp4MJ3vAoE5Piu27C7orFVNg3hn8Iq65kh2YHNiSZRo%2FduIENlcC3I%2ByfveFylS35lovpuWU8ZdcmxgJi2zq2yPjXP"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=48&recv=26&lost=0&retrans=0&sent_bytes=40147&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2561&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 13:34:14 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8e94e1d07eac660a-AMS
accept-ranges: bytes
content-length: 357
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 left.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 421 B
1 KB 38ms
37ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/left.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2b3987b3c3c5cf45c06d0a40b370882289abad2336fa974e8f466840dcef778c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "1a5-6178cc6892180"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cYjbjz23cXEp0%2FI6bPOnf8xP3F%2FYQxUnIFTt0jGa6ODhUTnxlO32eg5d5C9AiUUrVa9JNnIB1hEXONZkTsgcs%2BRvTwYUVeIaBYULyCZE6FKzzkllQrIkN%2FvmQedCttA87vP"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=44&recv=26&lost=0&retrans=0&sent_bytes=36452&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2558&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 13:34:14 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8e94e1d07eb0660a-AMS
accept-ranges: bytes
content-length: 421
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 right.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 798 B
1 KB 39ms
38ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/right.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 47bc6bf26d209227d02dfc831f5f784dff1c2060b6dbb6353e6f5a9e0cf9e1c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "31e-6178cc6892180"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHUTHLl6QJ%2FLel7U5IxOFAZm%2FCzPjQznw4RnTVjToYG0Cl38cpk5rTBzTJBaayCb4bqPe07Qp%2Fa%2FMLC%2BDz9DTuR9ghhyoW2thp1IP8sJovq6ofboju5IySiGjrR8wJNzYUWv"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=45&recv=26&lost=0&retrans=0&sent_bytes=37577&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2559&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 13:34:14 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8e94e1d07eb1660a-AMS
accept-ranges: bytes
content-length: 798
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 badge.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 5 KB
6 KB 37ms
36ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/badge.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 88f7267b714b58c6a84534c4cd828e2b88407a7fdadb1633667afdb4c7a67cd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "6634e7d6-13c9"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8el0OQ93QAq5by1f%2FytmY4R0FspegQUQCR0YXndKSz3ngfm2EFVi2dSkOKzKJzXpX2MVRA0lLgejHqY74BEqGaeIzxeW3JGd%2FO0qKG4IVZVrDNXPTPZyOr29Aax%2FQdLBuOg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=35&recv=26&lost=0&retrans=0&sent_bytes=26072&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2557&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
last-modified: Fri, 03 May 2024 13:34:14 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e94e1d07eb2660a-AMS
accept-ranges: bytes
content-length: 5065
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 star.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 4 KB
4 KB 41ms
40ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/star.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 69bbbfd2c3177761de0c5fce950a484da568bddcdb0d23fe67da8c5df0979d13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "6634e7d6-ec6"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9vKvEKL87tlaE9z4Qg2oE%2BsxUJiFZbYwiF0HLHaQzK80uZBobUw3%2BrmYY0mHkHyo7iq2T5bSevJFf9ROL1JuRB7Bb4GgIhQihryfZ9XfcqG10k0UCMZqOmzf9r7UjpTQQ2g"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=40&recv=26&lost=0&retrans=0&sent_bytes=31917&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2557&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
last-modified: Fri, 03 May 2024 13:34:14 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e94e1d07eb3660a-AMS
accept-ranges: bytes
content-length: 3782
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 right2.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 339 B
1019 B 39ms
39ms Image
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/right2.png
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 15507e8d85de5d491cc0b5a893c875e1343080e099818efe566914eb5fd8ea93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "153-6178cc6892180"
age: 1368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2F7tl9FQQb%2FjPKr4jgm6rv4MoYCQbSyb5K4YcvKmYq%2FsXGmD04AlUA9ln%2FmtoV60b3i9Tq3YBZaiBxpuKUuzDQpMor1zmQOkU4xl26PVprunVqke37Gnwmei3XKS9Z9o5aSo"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=47&recv=26&lost=0&retrans=0&sent_bytes=39105&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2559&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 13:34:14 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8e94e1d07eb4660a-AMS
accept-ranges: bytes
content-length: 339
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 57ms
30ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
age: 1859041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BAJ7I1EdElENsL%2FuYMHehOAz2RllXw7vX2AcSHCk7fY3BjyAEuJxpjszODzsCeqj0YMDCqK5HK7Pb3wPXpywyvuWd7FVXoMepzQH1z6nYwB55vaYZK%2BMN6PTX2YoJPVdyAOLvN9P3MKS3X8x%2F0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230159-FRA, cache-lga21931-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e94e1d09a259f5a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25109
server: cloudflare
x-jsd-version: 5.3.2

GET
H2 200 jquery-3.7.1.js Show response
code.jquery.com/ 279 KB
82 KB 64ms
18ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.js
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-45a82"
age: 2104748
x-cache: HIT, HIT
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 3060, 5012
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21929-LGA, cache-bru1480047-BRU
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732739489.396624,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83619
server: nginx

GET
H3 200 js.js Show response
icsbijwerken.xyz/DUVzTTavlOw//media/js/ 2 KB
1 KB 33ms
33ms Script
text/javascript 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/js/js.js
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c73ad47656797429ef209714ad85fbc68912b9e5d577e14a7e2f37708a86b625

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"667db440-6da"
age: 1369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZIp7OhnwbV2G6l8RT78qp1xcA8yIMvvuXGaLi5J%2BP8dKE7JBSXBRpcJvgoTExu1Zi0VGZ%2FievFX1yHgagjOseAopUEsvdZoRKE%2BImism8MCtp15Dl%2F82FoHWnqdXli0xLOX"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15984&min_rtt=14645&rtt_var=918&sent=32&recv=26&lost=0&retrans=0&sent_bytes=23648&recv_bytes=8548&delivery_rate=221389&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2556&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 18:49:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e94e1d07eb6660a-AMS
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 91ms
35ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 20:31:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 27 Nov 2024 19:36:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
826 B 94ms
38ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 20:31:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 27 Nov 2024 19:36:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 67ms
32ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://icsbijwerken.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 18686
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 58ms
23ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://icsbijwerken.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 189804
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 15:48:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 15:48:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 83ms
48ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://icsbijwerken.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 115584
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 12:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 12:25:05 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 80ms
44ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://icsbijwerken.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 161667
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 77ms
41ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://icsbijwerken.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 16499
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:56:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:56:30 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 index.php Show response
icsbijwerken.xyz/DUVzTTavlOw/ 0
716 B 637ms
637ms XHR
text/html 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw/index.php?waiting=1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.14, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8%2BqX6a9lafReMnkFe9mgVKxZitJn7fP%2FhOg7h9KQpLf%2FZ5HIKS11KivEp2WcYreWYd1oolFPcyDHog5Y%2FINYoYvUgv2mQu1d9O3xuU4IOJrEdrKS903OIhuhsOIk4c8qgRF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e94e1d1780a660a-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16371&min_rtt=14645&rtt_var=955&sent=74&recv=61&lost=0&retrans=0&sent_bytes=55654&recv_bytes=27975&delivery_rate=116411&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=3325&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.14, PleskLin
server: cloudflare

POST api.php
elzzpanel.info/matches/Lf3CRCLqk5DDC/ 0
0

GET
H3

200

main.js Show response
icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 9F50
Redirect Chain

https://icsbijwerken.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
5 KB

24ms
24ms

Script
application/javascript

172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Requested by

Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Protocol

Server

172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f652eb596ada494406f71af80df943165b7f9675966c0b8d7bffec859e96a2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9Jyi00N19QPzd4CBiEWLl3jJAVP9jfwTuAzDtDG0cP%2BcMdZnEqvRc2r9aOdg5th4cQ0HtXpus9UMj9vCTA%2FbEU156lZ%2FFeZ4BJ1GngAOd97v5FL8QehqAI5DqUg814DFE94"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e94e1d1b859660a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16556&min_rtt=14645&rtt_var=1060&sent=57&recv=40&lost=0&retrans=0&sent_bytes=46513&recv_bytes=10041&delivery_rate=18585&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2752&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EquKQpqEraPLUBTOBqr4zvOY%2BR90WCzX07BLUqQ0DYbtBbd2ppiswewiXR7bfWV29NsgwuaV5uxdM3uHDHVoOgRTrC8xiVYcMv2uXbfbR6Zxo%2FogVdBaviiWCUW0BD0ZRHZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e94e1d19829660a-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=16808&min_rtt=14645&rtt_var=741&sent=55&recv=39&lost=0&retrans=0&sent_bytes=45803&recv_bytes=9721&delivery_rate=741586&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2727&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8e94e1c10a7c660a Show response
icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9F50 0
1 KB 34ms
30ms XHR
text/plain 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8e94e1c10a7c660a
Requested by: Host: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa2ql3zyTSaoKDwKFfeK0Up5cdMQ65OGFuCr4o%2Fu8Y8vESaLSyoHjq5EKzg6MjU3p9Lg%2Fd03KH88zDCg6DzID50Ql6a3i2c7n5pCM8Oq6YaV%2Bu9OoW1Mh%2FFhdU%2F4g7FxqpQJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e94e1d248ff660a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16146&min_rtt=14645&rtt_var=999&sent=70&recv=59&lost=0&retrans=0&sent_bytes=51625&recv_bytes=27887&delivery_rate=213688&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2851&x=1", cfHdrFlush;dur=0
content-length: 0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 ff.png
icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ 2 KB
3 KB 31ms
30ms Other
image/png 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw//media/imgs/ff.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 04e1aba2dc4d4a1854c0909f5ff16a3ef390cbbcd06800e694831ccc96bedadb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?

Response headers

cf-cache-status: HIT
etag: "6634f4ec-850"
age: 1367
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e7eRQ44RzLL%2BZTCCEpy6qYWi0ZWDo%2FuwI5ObywAyrgr%2BMqLOtUqBeyfokZKh54tpJjX9eKlp2LxDPQo%2Bs1jw328o%2BKXNSBqT9Xy2QSV2buLcV4SH%2BZtz%2Bi5%2BkwzfQ4GL9rOV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16146&min_rtt=14645&rtt_var=999&sent=71&recv=59&lost=0&retrans=0&sent_bytes=52786&recv_bytes=27887&delivery_rate=213688&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=2853&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:29 GMT
content-type: image/png
last-modified: Fri, 03 May 2024 14:30:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e94e1d25907660a-AMS
accept-ranges: bytes
content-length: 2128
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 index.php Show response
icsbijwerken.xyz/DUVzTTavlOw/ 0
721 B 633ms
633ms XHR
text/html 172.67.201.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icsbijwerken.xyz/DUVzTTavlOw/index.php?waiting=1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.14, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XK6%2B357fv31c2WrnHGwi%2BDW9cA8uCPTF5MMXrxamqRXeO5JZsEuQvt2uehmrv%2FQGa9NjWIgl%2FOl%2FPaI1yYlz7s%2FGAyx3mxZykRQRgDk3yAYKpkPqLanRE00cPJ7HJYM6y1%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e94e1dbcd60660a-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16292&min_rtt=14645&rtt_var=873&sent=76&recv=63&lost=0&retrans=0&sent_bytes=56417&recv_bytes=28785&delivery_rate=18137&cwnd=22800&unsent_bytes=0&cid=bff85b1d9989e2ab&ts=4969&x=1", cfHdrFlush;dur=0
date: Wed, 27 Nov 2024 20:31:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.14, PleskLin
server: cloudflare

GET index.php
icsbijwerken.xyz/DUVzTTavlOw/ 0
0

POST api.php
elzzpanel.info/matches/Lf3CRCLqk5DDC/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elzzpanel.info
URL: https://elzzpanel.info/matches/Lf3CRCLqk5DDC/api.php

Domain: icsbijwerken.xyz
URL: https://icsbijwerken.xyz/DUVzTTavlOw/index.php?waiting=1

Domain: elzzpanel.info
URL: https://elzzpanel.info/matches/Lf3CRCLqk5DDC/api.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: International Card Services (Financial)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.channel.io/	1970-01-21 01:29:04	Name: AWSALB Value: zhilsMBzPnAfKXEF43eivu8g8M/jAbklcq04QNc3hpFIZ4j6D377Pa+2Pum11kpT3Yz5enMyOZua+BUB8V4NUFEfSpZi6NyoxyAavb/hDHmYZ5Wpo/E+oL3KHV4Q
api.channel.io/	1970-01-21 01:29:04	Name: AWSALBCORS Value: zhilsMBzPnAfKXEF43eivu8g8M/jAbklcq04QNc3hpFIZ4j6D377Pa+2Pum11kpT3Yz5enMyOZua+BUB8V4NUFEfSpZi6NyoxyAavb/hDHmYZ5Wpo/E+oL3KHV4Q
icsbijwerken.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: kbpk7lca0p4hsgn00hfd7set7i
.icsbijwerken.xyz/	1970-01-21 10:04:35	Name: cf_clearance Value: J96hQ2YtZwa2qZRKsruKtebgZMxAgRZU48WNMBlWoNM-1732739489-1.2.1.1-B4I2yQH4BAax466bSTuWArWHYQXbDt.cdbLB3ToFJYDEJ8meReuFQi5sDxfF2cDS9XlHZihrmM5qf8cLu8XZifV9smK53B_RbiPyAvuUz9or0U0A22gO6LHGSRhl8LhVRzQHS7MCcMT7_KGdea1u_kwgPL83inSoUUJbOMv1WwWP_kWyJBA7PQ6NPmPHhH9w7xBkoM4lJuUEK2hs3dWqGzwyn09dIlMiKo32KQJYiYYkGgEp7TPcJdUS.KX8paHbdetR2aswh1BHil.dOe9l08JbM1EEwvkH2lGfpbZKl3ApJI0lJWwsE0bsTLWqaGUytRvpjNkhrCV_zJxft87OyO1mMo0zDMxAzrMpq_cLjWpkoeojrXyYi5xLqo6Km7sy

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT? Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://icsbijwerken.xyz/DUVzTTavlOw/sR8fHYp9jry9WBQBnmNG1MpT? Message: Access to fetch at 'https://elzzpanel.info/matches/Lf3CRCLqk5DDC/api.php' from origin 'https://icsbijwerken.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://elzzpanel.info/matches/Lf3CRCLqk5DDC/api.php Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.channel.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
elzzpanel.info
fonts.googleapis.com
fonts.gstatic.com
icsbijwerken.xyz
elzzpanel.info
icsbijwerken.xyz
104.17.24.14
172.217.18.3
172.67.201.191
2606:4700:3036::ac43:c9bf
2606:4700::6812:ba1f
2a00:1450:4001:800::200a
2a04:4e42:400::649
43.202.85.49
04e1aba2dc4d4a1854c0909f5ff16a3ef390cbbcd06800e694831ccc96bedadb
15507e8d85de5d491cc0b5a893c875e1343080e099818efe566914eb5fd8ea93
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2b3987b3c3c5cf45c06d0a40b370882289abad2336fa974e8f466840dcef778c
3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793
47bc6bf26d209227d02dfc831f5f784dff1c2060b6dbb6353e6f5a9e0cf9e1c0
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
69bbbfd2c3177761de0c5fce950a484da568bddcdb0d23fe67da8c5df0979d13
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
88f7267b714b58c6a84534c4cd828e2b88407a7fdadb1633667afdb4c7a67cd8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
ad08352002623ab53be09d31a2dc442871cfd818fbfb9b4d51ba326523c29642
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
c73ad47656797429ef209714ad85fbc68912b9e5d577e14a7e2f37708a86b625
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
db70ed694fc426453059ea6b6125c01b27abb37f85d09493f1c59926dd02fe84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f364ec0ca78a21aee2a4c598d0203e52a722be5439f861901cb2c43bed7a17a4
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f652eb596ada494406f71af80df943165b7f9675966c0b8d7bffec859e96a2b2
fa29afbf0b37680bb9ec1fbd3404e422e4dc8cef44e94d4bb81197ed06dbb3b2

icsbijwerken.xyz Open in urlscan Pro 172.67.201.191 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

87 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

289 kBTransfer

1017 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

icsbijwerken.xyz Open in urlscan Pro
172.67.201.191 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

87 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

289 kB
Transfer

1017 kB
Size

4
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!