urlscan.io logo urlscan.io
SecurityTrails logo

costaricaretireonss.com Open in urlscan Pro
2a06:98c1:3121::c  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Submission Tags: https://phish.report @phish_report Search All
Submission: On September 19 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 77 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is costaricaretireonss.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.
This is the only time costaricaretireonss.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
27 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 51.210.32.132 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
2 5 37.157.6.245 198622 (ADFORM)
10 104.111.215.143 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 185.54.150.22 60164 (WEBTREKK-AS)
1 185.54.150.115 60164 (WEBTREKK-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.58.27.30 16509 (AMAZON-02)
1 3 185.54.150.52 60164 (WEBTREKK-AS)
3 18.194.219.38 16509 (AMAZON-02)
3 2600:9000:21f... 16509 (AMAZON-02)
1 37.157.6.236 198622 (ADFORM)
3 2a03:2880:f02... 32934 (FACEBOOK)
3 80.158.67.40 34086 (SCZN-AS)
2 185.54.150.79 60164 (WEBTREKK-AS)
1 52.212.118.143 16509 (AMAZON-02)
1 2 185.54.150.123 60164 (WEBTREKK-AS)
6 2a03:2880:f12... 32934 (FACEBOOK)
1 46.51.134.251 16509 (AMAZON-02)
77 23
27    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
costaricaretireonss.com
1    51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu
i.ibb.co
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
5    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
10    104.111.215.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-143.deploy.static.akamaitechnologies.com
tags-eu.tiqcdn.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)
responder.wt-safetag.com
1    185.54.150.115 (Germany)

ASN60164 (WEBTREKK-AS, DE)
cdn.wbtrk.net
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    52.58.27.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-27-30.eu-central-1.compute.amazonaws.com
t13.intelliad.de
3    185.54.150.52 (Germany)

ASN60164 (WEBTREKK-AS, DE)
PTR: pix.telekom.de
pix.telekom.de
3    18.194.219.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-219-38.eu-central-1.compute.amazonaws.com
t23.intelliad.de
3    2600:9000:21f3:3400:7:2732:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)
ssl.xplosion.de
1    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    80.158.67.40 (Germany)

ASN34086 (SCZN-AS, DE)
www.telekom.de
2    185.54.150.79 (Germany)

ASN60164 (WEBTREKK-AS, DE)
geid.wbtrk.net
1    52.212.118.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-118-143.eu-west-1.compute.amazonaws.com
xups.xplosion.de
2    185.54.150.123 (Germany)

ASN60164 (WEBTREKK-AS, DE)
fbc.wcfbc.net
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    46.51.134.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-134-251.eu-west-1.compute.amazonaws.com
uss.xplosion.de
Apex Domain
Subdomains		 Transfer
27 costaricaretireonss.com
costaricaretireonss.com
360 KB
10 tiqcdn.com
tags-eu.tiqcdn.com — Cisco Umbrella Rank: 53821
37 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
779 B
6 telekom.de
pix.telekom.de — Cisco Umbrella Rank: 90700
www.telekom.de — Cisco Umbrella Rank: 114697
148 KB
6 adform.net
track.adform.net — Cisco Umbrella Rank: 3979
s2.adform.net — Cisco Umbrella Rank: 6329
38 KB
5 xplosion.de
ssl.xplosion.de — Cisco Umbrella Rank: 839456
xups.xplosion.de
uss.xplosion.de — Cisco Umbrella Rank: 37519
11 KB
5 intelliad.de
t13.intelliad.de — Cisco Umbrella Rank: 181227
t23.intelliad.de — Cisco Umbrella Rank: 128727
10 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
195 KB
3 wbtrk.net
cdn.wbtrk.net — Cisco Umbrella Rank: 158684
geid.wbtrk.net — Cisco Umbrella Rank: 123361
2 KB
2 wcfbc.net
fbc.wcfbc.net — Cisco Umbrella Rank: 45223
381 B
2 google.nl
www.google.nl — Cisco Umbrella Rank: 9480
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
572 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
2 KB
1 wt-safetag.com
responder.wt-safetag.com — Cisco Umbrella Rank: 32909
230 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
46 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 13442
1 KB
77 17
Domain Requested by
27 costaricaretireonss.com costaricaretireonss.com
10 tags-eu.tiqcdn.com costaricaretireonss.com
6 www.facebook.com costaricaretireonss.com
5 track.adform.net 2 redirects costaricaretireonss.com
track.adform.net
3 www.telekom.de tags-eu.tiqcdn.com
3 connect.facebook.net costaricaretireonss.com
connect.facebook.net
3 ssl.xplosion.de tags-eu.tiqcdn.com
ssl.xplosion.de
3 t23.intelliad.de t13.intelliad.de
costaricaretireonss.com
3 pix.telekom.de 1 redirects costaricaretireonss.com
2 fbc.wcfbc.net 1 redirects costaricaretireonss.com
2 geid.wbtrk.net costaricaretireonss.com
2 t13.intelliad.de tags-eu.tiqcdn.com
t13.intelliad.de
2 www.google.nl costaricaretireonss.com
2 www.google.com 1 redirects costaricaretireonss.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
1 uss.xplosion.de costaricaretireonss.com
1 xups.xplosion.de ssl.xplosion.de
1 s2.adform.net costaricaretireonss.com
1 cdn.wbtrk.net costaricaretireonss.com
1 responder.wt-safetag.com costaricaretireonss.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com costaricaretireonss.com
1 i.ibb.co costaricaretireonss.com
77 23

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-22 -
2023-05-22		 a year crt.sh
ibb.co
R3		 2022-08-07 -
2022-11-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.wt-safetag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-17 -
2022-11-19		 2 years crt.sh
*.wbtrk.net
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.intelliad.de
Thawte RSA CA 2018		 2022-09-02 -
2023-09-02		 a year crt.sh
pix.telekom.de
TeleSec ServerPass Class 2 CA		 2022-07-13 -
2023-07-17		 a year crt.sh
*.xplosion.de
R3		 2022-07-30 -
2022-10-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-28 -
2022-09-26		 3 months crt.sh
www.telekom.de
TeleSec ServerPass Class 2 CA		 2022-08-02 -
2023-08-06		 a year crt.sh

This page contains 4 frames:

Primary Page: https://costaricaretireonss.com/wp-content/themes/dir/
Frame ID: F946CF63C1C8B6138C63DFD75BD9BDC6
Requests: 16 HTTP requests in this frame

Frame: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Frame ID: 2AD4EF5FF663AD8E83B923D0C5D634CF
Requests: 56 HTTP requests in this frame

Frame: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ls.htm
Frame ID: 1BF047B1A18D213F705F6B8B9559C7FC
Requests: 1 HTTP requests in this frame

Frame: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Frame ID: CC6A3C9F1810E81B3C6AC1063BEC62D4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telekom Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:is-bin|INTERSHOP)
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

95 %
HTTPS

35 %
IPv6

17
Domains

23
Subdomains

23
IPs

5
Countries

868 kB
Transfer

2298 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&_rnd=0.5299672278222181 HTTP 302
  • https://www.google.com/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2058986825 HTTP 302
  • https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2058986825&ipr=y
Request Chain 50
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 62
  • https://pix.telekom.de/423493631852538/cc?a=r&c=wteid_423493631852538&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D423493631852538%26t%3D1663566041741%26err%3D HTTP 301
  • https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739 HTTP 307
  • https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739&rc
Request Chain 69
  • https://track.adform.net/Serving/TrackPoint/?pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking. HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
costaricaretireonss.com/wp-content/themes/dir/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f56a894575e0ee1b3c6ecd875724806f9090a86dc38a62b600f7e1a8e6b3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74cffcdf3f8ffa50-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 05:40:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1yWbW4kGJP2IhGl8%2B1ZY%2FoTpQ%2FPIOfDSFbuXcKxE7gXoX1oym8yoxTU0ENCjeag9gVSMXyWMb5%2BxdVcRijKqtYVAaQsqEeEDSLo%2FnUq7k%2FGJfWCElMZrbYonnZswqZbgzff80RJTf3JKFVYEd%2FEAnvU0Tam9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
components.css
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 		96 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c9a6a063bebf358281210d89deab95b3664efdaa7221d33003e76bb819481a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAuGs06ZOrOpqvRlBwQo1qHp6DI9PmNUZbb2VP4wK45DV6p1yV4OOAeXav%2F1ThHSJwZ3uPafUo%2FD1tAfDexcGbrIBWpN3IU4aGf8G%2F5Qa0Fa9WP0zaCsPewqeO7SZE2CtASAW4YvLNOcv1naMtGhwVxvBpzLdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
74cffce27974fa50-AMS
expires
Wed, 19 Oct 2022 05:40:39 GMT
login.css
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0160833250f888a24fda0fc62b1a091dcd975c910f84b8754b5cc1bde644e149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHun474BgHhEz7DQqp%2B%2FygsJB6A6CpETnpO7CIiK0ir%2FWVHBG2Pu2xs9mSofM%2BoFYvSaKwO6CjAGXLN5%2BHqP%2FJn0pRuDc55hjas%2BtWv5la%2BJa3ztRqrGeHcmQkNK5%2FTeIGPeZ38s%2B0RXS6Dmgp2CzYx4IW9VuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
74cffce27975fa50-AMS
expires
Wed, 19 Oct 2022 05:40:39 GMT
jquery-3.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/jquery-3.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19005
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HxRcmy3TNaFAADX%2Fn%2FvCrrB5UgqvbOd1Z2OF6pzmz9ZgO2pO9lpm9tGB%2Ft1RgMK%2FTbcRoX5L2LedjV1NehAMnHP9q1uoJn378tH4kHu5%2F%2BI12j6NXSdT0JqU6U1yFE%2BEcKi5QB51WvS0CLJ%2BvC%2ByX8QRROeiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffce27977fa50-AMS
expires
Wed, 19 Oct 2022 00:23:53 GMT
components.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d274b3c3f7c6565c2f3cc9b009770f143ceca121b91bc25f844f7040f18c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUP3pp%2FlUFmiFJ7UQreNQ9nmpSgBdYB5iM5a3D6jwPZCrewS%2BOc0IwFiAzeMhJRetNOVPlXpifi51hW4aNSQBrhh65SAM3RfskCPL8Tx3CDb%2BVIIcY4J9874WjuBnTnccoiji7Okuj8sYqKJ4LQHn6cpk5GPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffce2797afa50-AMS
expires
Wed, 19 Oct 2022 05:40:39 GMT
login.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f12df8ac1275dc47e45c4286652edad140acdcf82db35c82840134b53d80df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJXhmK8EXAl4j0DRhaOMDDIztRJopTGO343CF9%2FagQ%2BfJyn8xPqTCi1qb6XZ6H%2Fxg21CKL4i8Gw3zlBDzYCpla%2BBx2Qhl57Za0RuTGTh1G0%2BzeK3rHwn5jiVniPeTB7Sm6Fj9%2Fxo2l3ornzYT4yFG1ZwYch9Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffce2797cfa50-AMS
expires
Wed, 19 Oct 2022 05:40:39 GMT
Screenshot-8.jpg
i.ibb.co/DfzDgmX/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/DfzDgmX/Screenshot-8.jpg
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172604.ip-51-210-32.eu
Software
nginx /
Resource Hash
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:39 GMT
server
nginx
content-length
1031
content-type
image/png
phoenix_login_tracking.htm
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ Frame 2AD4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefcfc1305138f6f58526af6d51a1a8ff86658dc09b93caef33a382017dd0adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74cffce61f3fb88b-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 05:40:40 GMT
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOl%2B2nQpoorG31palxRYIt0KLXlO8M2z8jytjWK6JHF64Hr6RCLIqde8sfLRaRX19GMEYoZp6iy1gRpVVhtRW%2FbnkR5lNiW2iwrTLaf9SS8sE8Wfm1aQW4tO8tWWJoZHY35bNQXmYPeuBNw5DEJNCjHWbISuGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
data_protection.svg
costaricaretireonss.com/wp-content/themes/dir/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/images/data_protection.svg
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6PaKYUUFKbN%2FgHedKJspNm0Iov6Dn1nJRMe5blE080V9NX51XIGwiz2so2zrP7oB2mibb%2BwdAdU62pamM%2FsJczkB0e3wAVV66hTXgLjrp5IZKksOdlRqJOBx%2BMpXEV2vDRJEs01NJqbfuSLOfMSmdtIeqI87A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce61f4cb88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
telegroteskscreen-bold.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.woff
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pWfw%2FWsLxZIDPYxGMdI84smY3kq%2Bzi%2BvUTS93EsFlPRCcQ7lkN8vAamHi4ZZJUm475FYzaQgAIzl9qQ6Qxkvsh8Hdg9dhfAy9hbBS94%2B37uaM8TEz4Ee1p1flZMpyM5stW5bMYDcHth%2FS4yZTHAG9Hkg%2B7nIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce61f4db88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
telegroteskscreen-thin.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.woff
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BF8P4Hu7sEQxx8Otxa4qnBf2oVmKUhRasHrgmhw3kzTzFoXxdMrNXJ2HQN7ZlEVDXawb5DlktV07viUTogEZ1Vb58a%2BxDguuQndPySzTLnIrcDWGk4ZX52fzZUxq3SxlMty4Wtc5C4ICyZ7mpW5OL3RcUSUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce61f4eb88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
telegroteskscreen-regular.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.woff
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOGQXvOiVsj4zisZpsDpK2w3luJnulzWu8OddkLL312dpoE3uwSpr4hAjiMnqG6%2F0cLKXGcZ02rGHIkq87ATPNFE12TDzdfOj2KhSpgOLPmVVBsP%2FyuLTsOCPCp3xLu3zujJssgD7LGZqEI9U%2BRKBnY5%2B0SiwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce61f4fb88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
teleicon-ui.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.woff
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EtzwD%2FQmSKLZAI7TXXena7csKpfEz%2B3xB%2FgPx0U4Ymh8g6c5WTZjlNtUe6yOcFYnp%2B%2F77zA990geQL4mgqGtr8O1Vb1b3QCT2mYAmmbagqyS0SZDr9eu4gAQv3MAxS9z6TeOWhHbcvuntOU4tQf4gTo8nA7ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce61f53b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
telegroteskscreen-thin.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.ttf
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDgGAZBQBvwDyLzWDn8KabJq4IoMSUPRcBP6tcOLt3ARvKY6vXPTu9%2FPV96ka0yKpN1X%2FeUngn06DUmGbKPNtguu4FDCDHdBJ6rJJa%2B2J1Z0oIMk5QMWtBe4NtlUiI5Mx3qcoPe2Aa46ajmAZvda1KVmbOaRmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce8eba9b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
conversion_async.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/conversion_async.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab3e6719513e071caf669acd89fb8b819a0e9aead9bffb8ce340224f5c6ed54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60820
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agkeClVlgpykW23ln2MA2TiXpqzh0pRD5R%2BS7ARWtMd6J3%2BGZJAIzq0dZ8iQFYlSULnPV%2BLZ6fWUZxQJRpE4EHK00GKMYlan1cIC1gfzwxuvGBr56G61HqSa3wl83cf4X7kEfymnSpJxlCADA06pxsPtYLfcpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffce91bd5b88b-AMS
expires
Tue, 18 Oct 2022 12:47:00 GMT
196380495960676
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		49 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/196380495960676
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b928e4bff00195d50132fbd2eb4e09aed0b5d3e4ae50f58d1d48f78ad80f72d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhxqvuPKqxo4142kG6TMoD2ooNRhpf9nQOhr%2FTEx5cfAagi%2B1NKQKkkL5AfnZkVrMf5eFyAH2IIdOnLpTHaReAe%2BpiCA6EDWC4kxaGDNaggbUoHQct87wyyzDRkcg0Coy1n1ZjYfGFO0SPd7Pi3gQjOHyYynJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
accept-ranges
bytes
cf-ray
74cffce91bd7b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50254
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
EXPIRED
a_002
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		92 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a_002
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12dd26d92febfda94104e8e6e1fae56a700dde48ee46d557538497d15de1e6cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKqchbiN8jNi96t34OC1qF2tqEf9SmXtOVtAOwSOwHiONRxYpLkPO1Ep%2FHREkV49V48CyPVqPHsmVvgNaoMrWaF%2B0z6a0ayy6V9hfHOnDG9tjuzWH9YrdtNTZzIXYJAojcUDuXj8kAgm0FQxo2Zs4ASw7HV%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
accept-ranges
bytes
cf-ray
74cffce91bd8b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
EXPIRED
utag.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a0146cd582489b149595e14b33fbbf41cf2ddb761b2f2ef60d0bd3d3e7517d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fUvPflG%2BhQ1o6OahBkB4Uv8eUwqCosBSFjnV1ezfZi3Vk81zO2Mi6SyEEict6flkQLk6J6STparS%2FGLEvQg93PAq4qk3P3GBBiXatwtXYdhd%2B3CLVF54PxfY7F%2Bf0or89rvpu%2FJNlzTzUn9pibBHuZ552%2BvJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffcea1d70b88b-AMS
expires
Wed, 19 Oct 2022 05:40:40 GMT
utag_004.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_004.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7dd30fa424475486000787392372f06cf8ec1882c749a5a818fd6624b1dc37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60819
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn6P0PV6eQwpSw2L8Jjt4b0kqZXSrN7AM4IU7nDDZr7sEEq0qF1OFKKC4RzMf3r%2F6uTE5zl1joWmu8tBafN19bOuJElIzTlRwwb8NYz9TwSxDG9UennrnleKW24p1FGHmeFPJh4snlPIJr%2FvvoA4a631MOW14A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffcea1d72b88b-AMS
expires
Tue, 18 Oct 2022 12:47:00 GMT
utag_003.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_003.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2b63b6a04bea042f33716a5ec7692e1cf3154f660b7e4423e5d185211810d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60819
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FjLrjjAltlK%2FGTK%2BBqQEkhbPVoh%2FZ1%2FRKduXWOCgadkJF0OJ5lyCtHLkmPo8PjLF%2BCkTVxlnR7SjjRuUyIdso56ghjoa8SBQNYWJbQsmTqvPZ0OlIqmZMpDIAVYifDuqfLA0xBjhIbJ46O2f77NvZgi%2FmaHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffcea1d73b88b-AMS
expires
Tue, 18 Oct 2022 12:47:00 GMT
onsite.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/onsite.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14382ccce783715cd78910b3b74ca0863367c01b6923b137d598e3c7a1f5900f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60819
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zep5DZ8XqDIaWin7jnZ0kLC017HKZ5U2uyF0AHwIVHzDKCKfso%2BxydCxDtboAjAFhPFgybCJ3lYWAusfN9DHLK%2BtsRzUCWPI6YC58GFO%2BNm1UNk4oqLS%2FVC3FYvfLUuWr39uNp3t9dVS7vKJlkcGmZeDJGnrew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffcea1d74b88b-AMS
expires
Tue, 18 Oct 2022 12:47:00 GMT
js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c38bcebdeb39314df096a73d8d898029c59993071e4b8a1650d1dd9fd4466b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zw9ite588g355m3I9atmTchKn1zicybLW7RpLJMWp8DBnCS5sQCCqDyqPdDEWuq6ion1Z9GieTHJDplOOwb9w1eP7OUIv7nfsyYmgpqruXCv1ggMpnjZP0BxpqHVGf%2F7BHOsU36RpVlJ8191O0OsXglPf2t9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
accept-ranges
bytes
cf-ray
74cffcea1d76b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92738
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
EXPIRED
a
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPJKBjaKSVV647TE9FN8RWOOczFreDuqk5%2BYNvp8fZrbqpoPMdSStzpgxiXenei6HWmI6gWV60V4%2Briu9aYrgRwSeRPQanqjTqQtxT5lfNNdy6WKUqQKEMIavypOcbRS2ZnLBj%2FcIbXPFaXTuZjJvXtCKWXFfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
74cffce91bdab88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
utag_002.js
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 2AD4 		104 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a46ae9b04fdb63d5a7132ebb1678c262d5470f74ec18d3a7e4f96de96c5b805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60820
x-server-powered-by
Engintron
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRKqswYnLucM0n6oav72OKLhUlb1hsGlr45FIjSuT1oqtS%2FlaTC6MP4Tf7lbF8DPwIS%2BBxz4UsEB827jNd%2FETi9yGX%2BisJhVauDtLw9o7ecIHXndZfsnlaK74B1ZP8RjeJVxzC4ZuPYvIxAh5Xj5PNlooEoK5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
74cffce91bdbb88b-AMS
expires
Tue, 18 Oct 2022 12:47:00 GMT
telegroteskscreen-regular.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.ttf
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEc1xgvKOBpVxMHqJDtom97Xhx8sXY1HykYOjAjSs88PHAgCNu0RRaSXlvdVcFAZctm76SuYWI%2FguFjyFMv%2BkK1ABfyRSuElUdn023O%2B2F6Hwu4ogjQ7OQNyVQS0fEiR1vBpbx1Ps1%2FIwzOGrNNRUh8nGhYYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce91bdfb88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
teleicon-ui.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.ttf
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xmhay7NpbKrM8gLmAotPptb9DmcX97bRbeZOV6erbyy5uQYgelZ7cDiAQvjTge9Yf9%2FneAowg3O55FfhH%2B7B4cOmy3rjdXnoY9HIgrI0XWPuaSadudHk1NHYvZ0ST7YzTnkwbn878LcqTl8RqjfsbqBCA6kqrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce91be0b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
telegroteskscreen-bold.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.ttf
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin
https://costaricaretireonss.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7R8ziQGFSyxR3nm%2Fj40mofMJjC55zILF91h7MTDJr3omKXPqjamFbcyKcyIRi%2FbbZscxIACMiyaQayohyhdfNTRApds%2FXwawmRxf42gwaDZU6EfjQK9tGm1RH%2B8Gj87yz2fAxmsLkdYJfq6dKEi7HpMBn%2FK3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
74cffce91be2b88b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
ls.htm
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 1BF0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ls.htm
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306f2ebde2a8145229dd48225e00d99fecb7dc729b4cfc0b4fa15c21ddcede29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74cffcea1d77b88b-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Sun, 18 Sep 2022 11:42:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQGV0FQ%2FRunvXzPjYT8Sq3fvYAyvwulbNKH%2FcT1ccsYgADSIfNFLTl723Mw8oyRN8fWB9SiP4Q0Xccq99ktE%2FOF4UtWvV1mE2EasO2dwiucj2D0qtXBcmodg%2BlJU5WVMPNNjg8GzQXewkhtjuzBGqFHR3pXGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 2AD4 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1001948399
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_003.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6229e782fe6457e62a11207ce20c60757cadbfb8ac4064e005a056e54b6b6191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46573
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 05:40:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 2AD4 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1001948399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 05:40:40 GMT
/
track.adform.net/Serving/Cookie/ Frame 2AD4 		73 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
180
expires
-1
utag.12.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.12.js?utv=ut4.44.201808200851
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2780be4293bd393b54fb765c8ec205363800aa0daa2e8f75e8fe6dc3ccbe8ccc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 08:59:05 GMT
server
AkamaiNetStorage
etag
"00331b45ea7a8bcc1b15697b3cc47160:1659517145.93956"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4104
utag.40.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.40.js?utv=ut4.44.201809140739
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1a96d30a100b47d5e1e1aa27005d349a1138871aafbd0c7f615741007e8473ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 13:21:02 GMT
server
AkamaiNetStorage
etag
"57e3c8243df62213db69e782634a0582:1616678462.606911"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3223
utag.55.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.55.js?utv=ut4.44.201807100941
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
62610c7225cf2c75c8c2c9e0a6ac9145a33b557f08da9429995d2b414ab933f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 13:20:55 GMT
server
AkamaiNetStorage
etag
"b51bb6e17b313627d3b66bd67220cf3e:1616678455.574718"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1514
utag.37.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.37.js?utv=ut4.44.201808200851
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f88e6b79e5cbd5c5bd0fc64b7747e35ab0f9d28d737482dcebec962e241bf43e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 11:02:56 GMT
server
AkamaiNetStorage
etag
"101be2496651d1af971f6bc57f58aeea:1597316576.155522"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2274
utag.101.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.101.js?utv=ut4.44.201902071424
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
43d5062c71b15a64799eb2428ac313f92af2be89a905469946aa45192407b038

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Wed, 14 Oct 2020 14:23:04 GMT
server
AkamaiNetStorage
etag
"3fa78873a63a88b79b619fb0ddbc1c20:1602685384.47941"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4932
utag.120.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.120.js?utv=ut4.44.201808200851
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
96abded29d7f33d0939bd257815ad1828604f9d5d0d3057c489f1afff0612b06

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 13:42:31 GMT
server
AkamaiNetStorage
etag
"d23bb6408a45d8997c543b1ca61c04fc:1602510151.057007"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4263
utag.125.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.125.js?utv=ut4.44.201812211142
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5bb09b27436ec99c084d4a7c1a555fc0f302081704b1e2eb20617dc522bda1cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 11:02:57 GMT
server
AkamaiNetStorage
etag
"34fd52d5ab3b4bbc0f4352712701702e:1597316576.963529"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4551
utag.126.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.126.js?utv=ut4.44.201808200838
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fc76360c70e8389fdd38e99d5c153c9d88b86569b3f42c40062f1c51ed85b336

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 13:42:32 GMT
server
AkamaiNetStorage
etag
"e2106e21783f1f66472ffc81ca38640f:1602510152.733921"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4265
utag.137.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.137.js?utv=ut4.44.201811140822
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ab2c778685ffddd1e0933e57fc864729fa8cb7921a3783d6546285c3e357aabc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 13:20:59 GMT
server
AkamaiNetStorage
etag
"855c89925a28019d50cd414a2f577f45:1616678459.349899"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2130
utag.151.js
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 2AD4 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7fb7ea7ac5d4073f1505391c735942e45e6be306696bd3572e9e53dc291848b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2019 12:55:16 GMT
server
AkamaiNetStorage
etag
"7e1f18db321ca90401028fb3dc3016d2:1554382516"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5035
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001948399/ Frame 2AD4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001948399/?random=1663566041043&cv=9&fst=1663566041043&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&auid=1619176034.1663566041&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e3ea0b9181e6461e21390ce2e2dc0fd07e3a939c4643ba3367d281ef69dc76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1040
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
196380495960676
responder.wt-safetag.com/resp/api/get/ Frame 2AD4 		0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://responder.wt-safetag.com/resp/api/get/196380495960676?url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 05:40:41 GMT
Cache-Control
max-age: 0, must-revalidate
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/javascript
geid.min.js
cdn.wbtrk.net/js/ Frame 2AD4 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wbtrk.net/js/geid.min.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.115 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
5ef468e6b28f8232ff6dc2b54f48a016be6b2776a27b7e5191ab71393637dc57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 05:40:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2016 09:43:24 GMT
Server
nginx
ETag
W/"56a5ee3c-5c4"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
/
www.google.com/pagead/1p-user-list/1001948399/ Frame 2AD4 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1001948399/?random=1663566041043&cv=9&fst=1663563600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&async=1&fmt=3&is_vtc=1&random=2485400263&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/1001948399/ Frame 2AD4 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/1001948399/?random=1663566041043&cv=9&fst=1663563600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&async=1&fmt=3&is_vtc=1&random=2485400263&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/947828095/ Frame 2AD4
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=...
  • https://www.google.com/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=20589...
  • https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=205898...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2058986825&ipr=y
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2058986825&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hfpc.min.js
t13.intelliad.de/ Frame 2AD4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t13.intelliad.de/hfpc.min.js
Requested by
Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.137.js?utv=ut4.44.201811140822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.27.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-27-30.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b95aa3f47aa13e07f6874689ff02c2a7757bd71dd61177c9ebbb55508fc7bb7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 10:44:22 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"1121-5bf4b7f416d80-gzip"
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
1911
wt
pix.telekom.de/423493631852538/ Frame 2AD4 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.telekom.de/423493631852538/wt?p=441,www.telekom.de.privatkunden.,1,1600x1200,24,1,1663566041405,https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F,1x1,0&tz=0&la=en&cg1=www.telekom.de&cg8=privatkunden&cg10=authentication.login&cp2=authentication.login&cp44=pk-omni-sales&cp54=not-logged-in&np=&pu=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&eor=1
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.54.150.52 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
pix.telekom.de
Software
1679091c /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Mon, 19 Sep 2022 05:40:41 GMT
server
1679091c
x-robots-tag
noindex, nofollow, noarchive
p3p
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif;charset=UTF-8
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
crossdevice.php
t23.intelliad.de/ Frame 2AD4 		125 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t23.intelliad.de/crossdevice.php?cl=6393536373136323131303&callback=iahfpccb&1663566041503
Requested by
Host: t13.intelliad.de
URL: https://t13.intelliad.de/hfpc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.219.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-219-38.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f725af55fa0a2046cb2a5f5db489da011690d83799811ca23547f07c545cf9de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-type
application/javascript
content-length
145
expires
Sat, 26 Jul 1997 05:00:00 GMT
profiler.html
ssl.xplosion.de/ Frame CC6A 		176 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Requested by
Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.37.js?utv=ut4.44.201808200851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3400:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f410c489fe29c824fb79a74cdd9981740d0167b0dd4c3d392561d27c043e259e

Request headers

Referer
https://costaricaretireonss.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
13206
content-length
176
content-type
text/html
date
Mon, 19 Sep 2022 02:46:06 GMT
etag
"f09ec1be382233ee03b9d5a2fa90bc60"
last-modified
Wed, 30 Oct 2013 18:08:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-id
OI0NFBJqe3ZCDlwKjuewHK7dDR7rsi03xvUVLGEBr4QFhh2xIbibcg==
x-amz-cf-pop
FRA2-C2
x-amz-meta-s3cmd-attrs
uid:1127/gname:root/uname:it-mngt/gid:0/mode:33188/mtime:1382443140/atime:1382443140/ctime:1382443140
x-amz-version-id
null
x-cache
Hit from cloudfront
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame 2AD4
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:34:23 GMT
server
nginx
x-amz-request-id
tx000000000000026d03d7e-006327fd6c-32820e60-default
etag
W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Mon, 19 Sep 2022 05:40:41 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
fbevents.js
connect.facebook.net/en_US/ Frame 2AD4 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
K/G5Y4jzG+cYqsTiPo0lAH0Z/y1TPOCsq3yuxXgQx0Z5WxrzA1gMYBAnfEMvDQlkxttVTotnZsQuAuvtl70WhQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 05:40:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sidebar_min.css
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 2AD4 		73 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css
Requested by
Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e4f06e1e6f9a75c292bae9623c46adfd265be893bd19869f90559776b4cf08b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 04:13:54 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
expires
Tue, 20 Sep 2022 04:13:54 GMT
cache-control
public,max-age=81193
accept-ranges
bytes
x-ua-compatible
IE=Edge
sidebar_min.css
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 2AD4 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css
Requested by
Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 04:13:54 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
expires
Tue, 20 Sep 2022 04:13:54 GMT
cache-control
public,max-age=81193
accept-ranges
bytes
x-ua-compatible
IE=Edge
main.js
ssl.xplosion.de/scripts/ Frame CC6A 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.xplosion.de/scripts/main.js
Requested by
Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3400:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7cc3389c6e9b2eacd26e9bd8c0ce27e8cb1f665ee620f9c13500f6eb812585e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
OopLweCu8q55EvAxCRIr2R1ZCpuEBk_J
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 10:47:26 GMT
server
AmazonS3
age
2947
etag
W/"7b4c52dd98b50730aad6f88a197222bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-transform, public
date
Mon, 19 Sep 2022 05:02:54 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tPxDO7XbPHJQf-AzPRA2pyyHiSTTJns82mZVIBkCPYyiEUfrFoj3ew==
1703416313287473
connect.facebook.net/signals/config/ Frame 2AD4 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1703416313287473?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
484ea4f4d5ed51367f4e173e81b800343aed32334af8bd6df57a64f76f917162
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86091
x-xss-protection
0
pragma
public
x-fb-debug
pDAhGL5ESWGXTz4xguobk97LKewoQa82XW1fOEsUCJnU48UTZ9ofV/PvOcP87ShgJlK2KdKEJwf1cQSFwiMTlQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 05:40:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
6393536373136323131303.js
t13.intelliad.de/cl/ Frame 2AD4 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t13.intelliad.de/cl/6393536373136323131303.js
Requested by
Host: t13.intelliad.de
URL: https://t13.intelliad.de/hfpc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.27.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-27-30.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5e0a336c4dd2f591c67eb9067c1b90d93d70a091b0723f3728be497db48664b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 05:12:20 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"683b-5e900c18bf500-gzip"
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
6293
cc
geid.wbtrk.net/ Frame 2AD4 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geid.wbtrk.net/cc?a=rtacdb&c=wt_geid&ac=wt_geid&av=816635660410012876028760&al=24&acp=/&acd=.wbtrk.net&acl=180&o=s&x=1663566041691
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
9bf31c7f /
Resource Hash
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Mon, 19 Sep 2022 05:40:41 GMT
server
9bf31c7f
x-robots-tag
noindex, nofollow, noarchive
x-wt-wcc
rtacdb
p3p
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
application/javascript;charset=UTF-8
content-length
2
expires
Mon, 26 Jul 1997 05:00:00 GMT
telekom.de.unterwegs.config.jsonp
ssl.xplosion.de/config/ Frame CC6A 		713 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.xplosion.de/config/telekom.de.unterwegs.config.jsonp
Requested by
Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/scripts/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3400:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42cd8c654da6bc525e0af88cf50384e1dc44e9ed97962f20a652c3c191a1eb26

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
_FMRVByoO2W7Nbc.kcZoax_AI2ac0U_B
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2017 09:08:14 GMT
server
AmazonS3
age
6787
etag
"1b1517e95e6418f28c275e28b78905d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 19 Sep 2022 05:40:41 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
713
x-amz-cf-id
0fM863ydIyEgoMY5X0fgIXb4RVR9ZhM2E0w6ZwA__eMm3VxkO2sP-w==
bnc.php
t23.intelliad.de/ Frame 2AD4 		43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/bnc.php?iacbos=bnc&cl=6393536373136323131303&sid=0.9203096233734447&fct=1663566042&lct=1663566042&nsc=0&cls=0&evid=&rand=2285850575690&uid=XD:W0XJm6NKYAAtCiL/Xcn2iTCAxeKd9hADFMJiGmM99QKCmFhgdCoEm2/WVXTEG4gAwrix2c0LQrqv7d8Q3/S+/NW7WOYPlLpNYFQ5vko/k9s=
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.219.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-219-38.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin
https://costaricaretireonss.com
cache-control
no-store, no-cache, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
mct.php
t23.intelliad.de/ Frame 2AD4 		43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/mct.php?rand=9975979632111&iacbos=view&cl=6393536373136323131303&tc=&sc=&re=https%3A//costaricaretireonss.com/wp-content/themes/dir/&loc=https%3A//costaricaretireonss.com/wp-content/themes/dir/Telekom%2520Login_files/phoenix_login_tracking.htm&ia_u4pc=0&ia_c4dc=0&sft=0&ia_tld2u=&ia_bif=0&sk=15&uid=XD:W0XJm6NKYAAtCiL/Xcn2iTCAxeKd9hADFMJiGmM99QKCmFhgdCoEm2/WVXTEG4gAwrix2c0LQrqv7d8Q3/S+/NW7WOYPlLpNYFQ5vko/k9s=&isminifp=1
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.219.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-219-38.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin
https://costaricaretireonss.com
cache-control
no-store, no-cache, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
xups.xplosion.de/ Frame CC6A 		4 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xups.xplosion.de/?cus=2000243&xplsid=243&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=&sessionid=904961531344452&cookieEnabled=true&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&userLang=en-US&userTimezone=0&uuid=b0126a88-64d9-60d9-7114-bf665aa410b4&scorex=undefined&hasFlash=false&tg=826&xpid=&xpidsignature=&timestamp=009845245229367&scriptversion=4.6.9-SNAPSHOT&px=jsonppgbs
Requested by
Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/scripts/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-118-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssl.xplosion.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 05:40:41 GMT
content-type
application/json
fbc
fbc.wcfbc.net/v1/ Frame 2AD4
Redirect Chain
  • https://pix.telekom.de/423493631852538/cc?a=r&c=wteid_423493631852538&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D423493631852538%26t%3D1663566041741%26err%3D
  • https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739
  • https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739&rc
69 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739&rc
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Server
185.54.150.123 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c1a69853198ae592f980806d6d489f43d03ee49f60df58b32ad375c03127703a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
server
nginx
content-length
69
content-type
image/png

Redirect headers

location
/v1/fbc?p=441,0&acc=423493631852538&t=1663566041741&err=&c=wteid_423493631852538&v=4166356604100756739&rc
date
Mon, 19 Sep 2022 05:40:41 GMT
server
nginx
content-length
217
content-type
text/html; charset=UTF-8
sidebar_min.js
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 2AD4 		132 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.js
Requested by
Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
5551e5d205435786101eed90dbef5731d891fb7f14b558e8146acab938b7ec3d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 04:14:17 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
expires
Tue, 20 Sep 2022 04:14:17 GMT
cache-control
public,max-age=81216
accept-ranges
bytes
x-ua-compatible
IE=Edge
254127818673288
connect.facebook.net/signals/config/ Frame 2AD4 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/254127818673288?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e4fce202b7957f6a3608780f46a5b9e6335cbfe979df5dce4f4dec234817c76
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86348
x-xss-protection
0
pragma
public
x-fb-debug
edqAcpQ71W1g6R0IamT8S4O5HMNIznqW5VAMxG4CYHQxP4KksRt/doHiYRLAPnO58J+zFM3AEY+4VHuuuM2lBw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 05:40:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1703416313287473&ev=PageView&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566041888&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&rqm=GET
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 05:40:41 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=254127818673288&ev=PageView&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566041890&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%223961094147318048%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22299505258411378%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&rqm=GET
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 05:40:41 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1703416313287473&ev=ViewContent&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566041892&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&rqm=GET
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 05:40:41 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=254127818673288&ev=ViewContent&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566041893&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&rqm=GET
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 05:40:41 GMT
/
track.adform.net/Serving/TrackPoint/ Frame 2AD4
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iL...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5k...
42 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
905d2b3a1d589f9c58199ad5e1183399c62048a619d2278f274829aa54252613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
5598
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=242349217257&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
cc
pix.telekom.de/423493631852538/ Frame 2AD4 		160 B
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.telekom.de/423493631852538/cc?a=c&c=wteid_423493631852538&rn_wteid_423493631852538=wt3_eid&v=&cp=/&cd=180&ccl=180&w=3
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.54.150.52 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
pix.telekom.de
Software
1679091c /
Resource Hash
422b2ba5225d160964a385ede385cff450622f160e4f9a37b756f1ddc189dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
last-modified
Mon, 19 Sep 2022 05:40:41 GMT
server
1679091c
x-robots-tag
noindex, nofollow, noarchive
x-wt-wcc
toclient
p3p
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
application/javascript;charset=UTF-8
content-length
160
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
uss.xplosion.de/ Frame 2AD4 		42 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uss.xplosion.de/usersync?sid=92078&fpid=4166356604100756739
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.134.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-134-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 05:40:42 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
image/gif
content-length
42
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
/
track.adform.net/Serving/TrackPoint/ Frame 2AD4 		139 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=120004&ADFPageName=BLOCKED%20DOMAIN%7Ccostaricaretireonss.com&ADFdivider=%7C&ord=888421837363&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6d0d8621173b58a3431981207a529619a69b8ce1941cbb3dd0426fe13f668ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
212
expires
-1
cc
geid.wbtrk.net/ Frame 2AD4 		34 B
161 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geid.wbtrk.net/cc?a=c&c=wt_geid&rn_wt_geid=wt_geid&v=&cp=/&cl=-1&ccd=1&w=2&x=1663566042717
Requested by
Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
9bf31c7f /
Resource Hash
f9ded5934212189b61777ae3bc3fc776dab5f9e438f85d239d7b2ede571e21e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 05:40:42 GMT
last-modified
Mon, 19 Sep 2022 05:40:42 GMT
server
9bf31c7f
x-robots-tag
noindex, nofollow, noarchive
x-wt-wcc
toclient
p3p
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
application/javascript;charset=UTF-8
content-length
34
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1703416313287473&ev=Microdata&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566043391&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=2&o=30&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 05:40:43 GMT
/
www.facebook.com/tr/ Frame 2AD4 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=254127818673288&ev=Microdata&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663566043393&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=2&o=30&fbp=fb.1.1663566041887.324701105&it=1663566041674&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://costaricaretireonss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:40:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 05:40:43 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| accountLocked boolean| accountLockedPermanent number| accountLockExpiration boolean| loginFailed function| $ function| jQuery object| Login

26 Cookies

Domain/Path Name / Value
pix.telekom.de/423493631852538 Name: wteid_423493631852538
Value: 4166356604100756739
pix.telekom.de/423493631852538 Name: wtsid_423493631852538
Value: 1
.costaricaretireonss.com/ Name: _gcl_au
Value: 1.1.1619176034.1663566041
.costaricaretireonss.com/ Name: CONSENTMGR
Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1663566040944%7Cconsent:true
.costaricaretireonss.com/ Name: utag_main
Value: v_id:018354434f710002e217fe84d41203074006606c00b08$_sn:1$_ss:1$_st:1663567840946$ses_id:1663566040946%3Bexp-session$_pn:1%3Bexp-session
.costaricaretireonss.com/ Name: first_encounter
Value: 1
.costaricaretireonss.com/ Name: wt_cdbeid
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUktYFX-CsWCm09ATJix1nH_BAXOAUnD3bXPzF1eh5bqLEP2YNgXqOjCAKDD
pix.telekom.de/ Name: wt_nbg_Q3
Value: !1zBhCgJkiDa7xSe7MOh2eXQWYSomxioj9sXhDkHbcyUpx6MI6DlUzJ11zTed571Mhb3q84N8lTTHoQ==
.t23.intelliad.de/ Name: iact
Value: 0001565B08EF38CC9EE15470C1A6D64677CF
costaricaretireonss.com/ Name: ia-6393536373136323131303
Value: XD:W0XJm6NKYAAtCiL/Xcn2iTCAxeKd9hADFMJiGmM99QKCmFhgdCoEm2/WVXTEG4gAwrix2c0LQrqv7d8Q3/S+/NW7WOYPlLpNYFQ5vko/k9s=
costaricaretireonss.com/ Name: ia_bncl_6393536373136323131303
Value: 0.9203096233734447%201663566042%201663566042%200%200
.t23.intelliad.de/ Name: iactxd_42882
Value: 0001565B08EF38CC9EE15470C1A6D64677CF
.costaricaretireonss.com/ Name: _fbp
Value: fb.1.1663566041887.324701105
.wcfbc.net/ Name: wt_cdbeid
Value: f826368f92dbab46c96f1aa88b5f3b59
.xplosion.de/ Name: pid
Value: BSwCBsaCWDf8BSJ3ESw0EiRkWsfsBsR3ESfABifABifABfrr
.xplosion.de/ Name: pid_short
Value: 5qc562IHBSbhWCLDcU3CBaI2__rr
.xplosion.de/ Name: pid_signature
Value: BdB0BqWlwqw0wsbCwd7FBCw0WdUFWsBCBCUkEqB0HSJAWSBZBSJsHJrr
geid.wbtrk.net/ Name: wt_nbg_Q3
Value: !+ZNvPh+ApJBj8GHpjGYh4zwSUbWZoP2u3dN2LHYpwpeK6FrqBkdqs0QQKOIO4NykjNnHIFYCi+Ln4w==
.adform.net/ Name: C
Value: 1
.costaricaretireonss.com/ Name: wt3_eid
Value: %3B423493631852538%7C4166356604100756739
.costaricaretireonss.com/ Name: wt_cookiecontrol
Value: 1
.costaricaretireonss.com/ Name: wt_rla
Value: 423493631852538%2C3%2C1663566041407
.adform.net/ Name: uid
Value: 8906958446646348999
.xplosion.de/ Name: ep
Value: YygA2uGS416SW5Bl3DlK
.costaricaretireonss.com/ Name: wt_geid
Value: 68934a3e9455fa72420237eb

14 Console Messages

Source Level URL
Text
network error URL: https://i.ibb.co/DfzDgmX/Screenshot-8.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/images/data_protection.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Message:
Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a_002' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Message:
Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/196380495960676' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security error URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Message:
Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wbtrk.net
connect.facebook.net
costaricaretireonss.com
fbc.wcfbc.net
geid.wbtrk.net
googleads.g.doubleclick.net
i.ibb.co
pix.telekom.de
responder.wt-safetag.com
s2.adform.net
ssl.xplosion.de
t13.intelliad.de
t23.intelliad.de
tags-eu.tiqcdn.com
track.adform.net
uss.xplosion.de
www.facebook.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.telekom.de
xups.xplosion.de
104.111.215.143
172.217.18.2
18.194.219.38
185.54.150.115
185.54.150.123
185.54.150.22
185.54.150.52
185.54.150.79
2600:9000:21f3:3400:7:2732:be80:93a1
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:831::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3121::c
37.157.6.236
37.157.6.245
46.51.134.251
51.210.32.132
52.212.118.143
52.58.27.30
80.158.67.40
0160833250f888a24fda0fc62b1a091dcd975c910f84b8754b5cc1bde644e149
0e3ea0b9181e6461e21390ce2e2dc0fd07e3a939c4643ba3367d281ef69dc76e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12dd26d92febfda94104e8e6e1fae56a700dde48ee46d557538497d15de1e6cb
14382ccce783715cd78910b3b74ca0863367c01b6923b137d598e3c7a1f5900f
1a96d30a100b47d5e1e1aa27005d349a1138871aafbd0c7f615741007e8473ce
1e4fce202b7957f6a3608780f46a5b9e6335cbfe979df5dce4f4dec234817c76
2780be4293bd393b54fb765c8ec205363800aa0daa2e8f75e8fe6dc3ccbe8ccc
29a0146cd582489b149595e14b33fbbf41cf2ddb761b2f2ef60d0bd3d3e7517d
306f2ebde2a8145229dd48225e00d99fecb7dc729b4cfc0b4fa15c21ddcede29
40f12df8ac1275dc47e45c4286652edad140acdcf82db35c82840134b53d80df
422b2ba5225d160964a385ede385cff450622f160e4f9a37b756f1ddc189dede
42cd8c654da6bc525e0af88cf50384e1dc44e9ed97962f20a652c3c191a1eb26
42d274b3c3f7c6565c2f3cc9b009770f143ceca121b91bc25f844f7040f18c94
43d5062c71b15a64799eb2428ac313f92af2be89a905469946aa45192407b038
484ea4f4d5ed51367f4e173e81b800343aed32334af8bd6df57a64f76f917162
4ab3e6719513e071caf669acd89fb8b819a0e9aead9bffb8ce340224f5c6ed54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5551e5d205435786101eed90dbef5731d891fb7f14b558e8146acab938b7ec3d
5a46ae9b04fdb63d5a7132ebb1678c262d5470f74ec18d3a7e4f96de96c5b805
5bb09b27436ec99c084d4a7c1a555fc0f302081704b1e2eb20617dc522bda1cb
5c2b63b6a04bea042f33716a5ec7692e1cf3154f660b7e4423e5d185211810d6
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e0a336c4dd2f591c67eb9067c1b90d93d70a091b0723f3728be497db48664b6
5ef468e6b28f8232ff6dc2b54f48a016be6b2776a27b7e5191ab71393637dc57
6229e782fe6457e62a11207ce20c60757cadbfb8ac4064e005a056e54b6b6191
62610c7225cf2c75c8c2c9e0a6ac9145a33b557f08da9429995d2b414ab933f3
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
6d0d8621173b58a3431981207a529619a69b8ce1941cbb3dd0426fe13f668ed9
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c38bcebdeb39314df096a73d8d898029c59993071e4b8a1650d1dd9fd4466b2
8e7dd30fa424475486000787392372f06cf8ec1882c749a5a818fd6624b1dc37
905d2b3a1d589f9c58199ad5e1183399c62048a619d2278f274829aa54252613
96abded29d7f33d0939bd257815ad1828604f9d5d0d3057c489f1afff0612b06
a7fb7ea7ac5d4073f1505391c735942e45e6be306696bd3572e9e53dc291848b
ab2c778685ffddd1e0933e57fc864729fa8cb7921a3783d6546285c3e357aabc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b928e4bff00195d50132fbd2eb4e09aed0b5d3e4ae50f58d1d48f78ad80f72d4
b95aa3f47aa13e07f6874689ff02c2a7757bd71dd61177c9ebbb55508fc7bb7d
b9f56a894575e0ee1b3c6ecd875724806f9090a86dc38a62b600f7e1a8e6b3ea
c1a69853198ae592f980806d6d489f43d03ee49f60df58b32ad375c03127703a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7cc3389c6e9b2eacd26e9bd8c0ce27e8cb1f665ee620f9c13500f6eb812585e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f06e1e6f9a75c292bae9623c46adfd265be893bd19869f90559776b4cf08b6
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
eefcfc1305138f6f58526af6d51a1a8ff86658dc09b93caef33a382017dd0adf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f410c489fe29c824fb79a74cdd9981740d0167b0dd4c3d392561d27c043e259e
f725af55fa0a2046cb2a5f5db489da011690d83799811ca23547f07c545cf9de
f7c9a6a063bebf358281210d89deab95b3664efdaa7221d33003e76bb819481a
f88e6b79e5cbd5c5bd0fc64b7747e35ab0f9d28d737482dcebec962e241bf43e
f9ded5934212189b61777ae3bc3fc776dab5f9e438f85d239d7b2ede571e21e5
fc76360c70e8389fdd38e99d5c153c9d88b86569b3f42c40062f1c51ed85b336