costaricaretireonss.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://costaricaretireonss.com/wp-content/themes/dir/
Submission: On September 19 via api (September 19th 2022, 10:52:47 pm UTC) from JP — Scanned from NL

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 17 domains to perform 79 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is costaricaretireonss.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.

This is the only time costaricaretireonss.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
27	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.210.32.132 51.210.32.132	16276 (OVH) (OVH)
2 5	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
11	23.7.192.80 23.7.192.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	185.54.150.115 185.54.150.115	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1 4	185.54.150.52 185.54.150.52	60164 (WEBTREKK-AS) (WEBTREKK-AS)
4	185.54.150.79 185.54.150.79	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	52.58.27.30 52.58.27.30	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	80.158.67.40 80.158.67.40	34086 (SCZN-AS) (SCZN-AS)
3	3.71.168.227 3.71.168.227	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:225... 2600:9000:2251:3e00:7:2732:be80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.54.150.123 185.54.150.123	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	3.248.103.16 3.248.103.16	16509 (AMAZON-02) (AMAZON-02)
1	54.78.90.85 54.78.90.85	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
79	23

27 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

costaricaretireonss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.7.192.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-192-80.deploy.static.akamaitechnologies.com

tags-eu.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt-safetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.115 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.wbtrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.54.150.52 (Germany) 1 redirects

ASN60164 (WEBTREKK-AS, DE)
PTR: pix.telekom.com

pix.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.54.150.79 (Germany)

ASN60164 (WEBTREKK-AS, DE)

geid.wbtrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.27.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-27-30.eu-central-1.compute.amazonaws.com

t13.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.158.67.40 (Germany)

ASN34086 (SCZN-AS, DE)

www.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.168.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-168-227.eu-central-1.compute.amazonaws.com

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:3e00:7:2732:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ssl.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.123 (Germany) 1 redirects

ASN60164 (WEBTREKK-AS, DE)

fbc.wcfbc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.103.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-103-16.eu-west-1.compute.amazonaws.com

xups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.90.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-90-85.eu-west-1.compute.amazonaws.com

uss.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	costaricaretireonss.com costaricaretireonss.com	360 KB
11	tiqcdn.com tags-eu.tiqcdn.com — Cisco Umbrella Rank: 53821	38 KB
7	telekom.de 1 redirects pix.telekom.de — Cisco Umbrella Rank: 90700 www.telekom.de — Cisco Umbrella Rank: 114697	2 KB
6	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3979 s2.adform.net — Cisco Umbrella Rank: 6329	38 KB
5	xplosion.de ssl.xplosion.de — Cisco Umbrella Rank: 839456 xups.xplosion.de uss.xplosion.de — Cisco Umbrella Rank: 37519	11 KB
5	intelliad.de t13.intelliad.de — Cisco Umbrella Rank: 181227 t23.intelliad.de — Cisco Umbrella Rank: 128727	10 KB
5	wbtrk.net cdn.wbtrk.net — Cisco Umbrella Rank: 158684 geid.wbtrk.net — Cisco Umbrella Rank: 123361	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	564 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	196 KB
2	wcfbc.net 1 redirects fbc.wcfbc.net — Cisco Umbrella Rank: 45223	380 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 9480	612 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	572 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	wt-safetag.com responder.wt-safetag.com — Cisco Umbrella Rank: 32909	230 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13442	1 KB
79	17

	Domain	Requested by
27	costaricaretireonss.com	costaricaretireonss.com
11	tags-eu.tiqcdn.com	costaricaretireonss.com
5	track.adform.net	2 redirects costaricaretireonss.com track.adform.net
4	www.facebook.com	costaricaretireonss.com
4	geid.wbtrk.net	costaricaretireonss.com
4	pix.telekom.de	1 redirects costaricaretireonss.com
3	ssl.xplosion.de	tags-eu.tiqcdn.com ssl.xplosion.de
3	connect.facebook.net	costaricaretireonss.com connect.facebook.net
3	t23.intelliad.de	t13.intelliad.de costaricaretireonss.com
3	www.telekom.de	tags-eu.tiqcdn.com
2	fbc.wcfbc.net	1 redirects costaricaretireonss.com
2	www.google.nl	costaricaretireonss.com
2	www.google.com	1 redirects costaricaretireonss.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	t13.intelliad.de	tags-eu.tiqcdn.com t13.intelliad.de
1	uss.xplosion.de	costaricaretireonss.com
1	xups.xplosion.de	ssl.xplosion.de
1	s2.adform.net	costaricaretireonss.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.wbtrk.net	costaricaretireonss.com
1	responder.wt-safetag.com	costaricaretireonss.com
1	www.googletagmanager.com	costaricaretireonss.com
1	i.ibb.co	costaricaretireonss.com
79	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-22` - `2023-05-22`	a year	crt.sh
ibb.co R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.wt-safetag.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-17` - `2022-11-19`	2 years	crt.sh
*.wbtrk.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-22`	a year	crt.sh
pix.telekom.de TeleSec ServerPass Class 2 CA	`2022-07-13` - `2023-07-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.intelliad.de Thawte RSA CA 2018	`2022-09-02` - `2023-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.telekom.de TeleSec ServerPass Class 2 CA	`2022-08-02` - `2023-08-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-29` - `2022-09-27`	3 months	crt.sh
*.xplosion.de R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://costaricaretireonss.com/wp-content/themes/dir/
Frame ID: 8FF7FA7648A1161BE1C977EB906D4575
Requests: 16 HTTP requests in this frame

Frame: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Frame ID: 4D0433E1715EFF288BEEC4A967A5E53A
Requests: 58 HTTP requests in this frame

Frame: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ls.htm
Frame ID: DC211675D515D0D36F5FD2A7A6D1D09E
Requests: 1 HTTP requests in this frame

Frame: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Frame ID: 9A59455B0E07E7578EAD87DB923D19D0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telekom Login

Detected technologies

Intershop (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

(?:is-bin|INTERSHOP)

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

95 %
HTTPS

35 %
IPv6

17
Domains

23
Subdomains

23
IPs

6
Countries

722 kB
Transfer

2020 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 56

https://pix.telekom.de/423493631852538/cc?a=r&c=wteid_423493631852538&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D423493631852538%26t%3D1663627963816%26err%3D HTTP 301
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081 HTTP 307
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081&rc

Request Chain 67

https://track.adform.net/Serving/TrackPoint/?pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking. HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.

Request Chain 72

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&_rnd=0.33595519363729176 HTTP 302
https://www.google.com/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2153780141 HTTP 302
https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2153780141&ipr=y

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
costaricaretireonss.com/wp-content/themes/dir/ 7 KB
2 KB 552ms
485ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f56a894575e0ee1b3c6ecd875724806f9090a86dc38a62b600f7e1a8e6b3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74d5e4a4ce0bb778-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 22:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icourU1zA9a7b1%2F15nZCHKau9larTs3ETXw1qF8S866jaRz%2Bssym3fwILeBruJolA2qOI6bdkDAdltD6N9T%2B0u5C1ci8FyXXEDFEqErAxBu9GZKaJ329cJZKVasX6rhKnbBCcKwOICsCxrBEPnpnssTDhroC5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 components.css
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 96 KB
18 KB 522ms
520ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c9a6a063bebf358281210d89deab95b3664efdaa7221d33003e76bb819481a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpDQO%2FHuaN6T2I%2BBCeNtm81t87%2F9hQj91JlibZj30uGW2Vwre%2BE%2F8w2Up8hpWYtPcTwBZpGTl2bHdVIl%2BTkMCTt3HXvKu6dmWXeI1LoQk0rZFrgn%2BMrGzUUIM7uJuSAFc%2BOimgge7%2BTQHjm4yKqbYcSF4UFTkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 74d5e4a7d8c2b778-AMS
expires: Wed, 19 Oct 2022 22:52:41 GMT

GET
H2 200 login.css
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 14 KB
4 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0160833250f888a24fda0fc62b1a091dcd975c910f84b8754b5cc1bde644e149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109574
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JrxpMjbJDC3JxGkdbf57mbHy87ZPDuqHocqtZndfL6jFAgmLjubgOtOkvv5aSbfjtQBVYcbItXXMzrGs1i1N3b5GOl%2BlEJChAHKjHWhtsQsqfQq0KvlXo%2BVsTNaeKonmU4fRasw%2BZgTbkLTtTwmwg5%2BW40YdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 74d5e4a7d8c4b778-AMS
expires: Tue, 18 Oct 2022 16:26:27 GMT

GET
H2 200 jquery-3.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 85 KB
31 KB 626ms
625ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/jquery-3.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHWx142yngui%2BOs9%2F4I9Kiq1QtfEQbTg1uZH%2BZIohCmOoCqHDAMlu8VGrLzljyg4RX8lXxaPTRQ%2F3zn09ffyuAnxM89%2B2bjkNhl0rZCweVC26TSWWrmkoh%2BzW7HcoZlfPywJ7GkEVAcXNjLJ%2BefsygMeaN2A4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4a7d8c5b778-AMS
expires: Wed, 19 Oct 2022 22:52:41 GMT

GET
H2 200 components.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 76 KB
23 KB 34ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d274b3c3f7c6565c2f3cc9b009770f143ceca121b91bc25f844f7040f18c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109573
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8KKhCZUaSqDZBAUS9L8ZIO2fSsmnl5Q0rReoC9L3peCHJ6t9PPAYyC1BVLNDSOCs3L9rv9pSJUPL0ZdCxmmhBD8%2BmKu7nJp6A7FCWEg5d5motw8mnnC2BbFafJBNfiZoJSmjwQdKEme60k4NbxgP2%2Bn7l4UYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4a7d8c6b778-AMS
expires: Tue, 18 Oct 2022 16:26:27 GMT

GET
H2 200 login.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ 12 KB
3 KB 33ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12df8ac1275dc47e45c4286652edad140acdcf82db35c82840134b53d80df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109574
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgMflRdPLIMu%2F%2B0VSDTbdzrHtcOe1nvw5IoiHgRbeZZ3zEtdDnhqtDSJB6C9vsY5Gu9FfEGc3%2BAFNjWBRRe%2BqdYjqKPOZ5mtUmoc%2FwxkemCLE4TMFCidlbSov0%2B%2FrhXnXftYsyrFmd93o0%2FZD2RD9LTXvdTI9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4a7d8c7b778-AMS
expires: Tue, 18 Oct 2022 16:26:27 GMT

GET
H2 404 Screenshot-8.jpg
i.ibb.co/DfzDgmX/ 1 KB
1 KB 130ms
34ms Image
image/png 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/DfzDgmX/Screenshot-8.jpg
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
server: nginx
content-length: 1031
content-type: image/png

GET
H3 200 phoenix_login_tracking.htm Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/ Frame 4D04 3 KB
2 KB 465ms
464ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefcfc1305138f6f58526af6d51a1a8ff86658dc09b93caef33a382017dd0adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74d5e4ac3977b77f-AMS
content-encoding: br
content-type: text/html
date: Mon, 19 Sep 2022 22:52:42 GMT
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSUjiW%2FB%2Bp1SiK9xynWGmb2eRr8JmJ5C7sbxNvveBHc9zgIdnHYPSro%2FH485Fy9p6OxguXitXOjCvNxBxU8TLX%2BXDLo3CjWnwz0oN%2BSeWJ%2BjTLWs2I12rt8DpNsxUna6AuNEYnreUJVUWMRVtpG7R60lvQBz4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H3 404 data_protection.svg
costaricaretireonss.com/wp-content/themes/dir/images/ 315 B
315 B 463ms
463ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/images/data_protection.svg

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqvNgJ9XHwDtJV5sKY6AfJ7V8WEr%2Bx%2Bu%2B00RveMnxRflg6hHqHQ8W8AATj7E4dPCxhUYfIXQNY41cgoUdcjZQPfiaK7zFGVkT9cdl6CVsZZyFJo%2BO6ot8Cl2%2Bkw3q9B92Q8OknWOmCPiqVktF1zxBWZe9maWQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4ac397eb77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 telegroteskscreen-bold.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 450ms
449ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.woff

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEZihqSxxyTBpbAJkJPGHzIEIJw%2FRD18YLGYlcqxuarvOWACFdGA8a%2FklM7ud3wiRuK6OjdS9Tb7tvBVMPPD16gKuJhARwvdCFDM8c54NMLCcUf0F%2BFmLCeXbZC3NId78o8v%2BjqVn%2FAFzRnxagWA9lX%2Fum0mJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4ac397fb77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 telegroteskscreen-thin.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 483ms
481ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.woff

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXGDS%2Bgu1lGHbhyzDTVRFCaohWt7EMzigr%2BpF2ho8djff7BRjXLehNYF2NIcPa7i2SUreloxyUWOwBG8M0ZChXc9uY6f1tN5SSFnLbRhAgxafX1uRMi5le1W2%2BPhNON7vPfpIWSNUL%2Btey%2FCXopAoe6DdqEgpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4ac3980b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 telegroteskscreen-regular.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 482ms
480ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.woff

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWX1kTHyVyVYsKuU8NnSwuHwpxu%2BPa9TAiFpSjrqLDGwdT4gHiOSe%2FXmDbdpiA%2FuM7HxA9ItBmvxbCAKG%2F3YRCVsVetHhkwicdN6C6eqijFSMOMVjvQeXFADJmkSavEIJEyXSfErCLcsWjys68mBW8WcLtNmbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4ac3982b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 teleicon-ui.woff
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 452ms
451ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.woff

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L0Z0BLv53KkdoRb7Qt%2B%2Byq%2B1NY9VAlpZhcAbgvZlhQMhoxF0%2BYjDsVQYVnIEMNCjKwQd8bPDw7%2FUugHdzBZbOJWVVw65SRUCmpwC6CYYPg7cKDhohicLZ33Vszjy636EKNzinPa251k7vgGBos%2FXLj3ieWSLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4ac3983b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 telegroteskscreen-bold.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 449ms
449ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.ttf

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJoa7%2FNe%2BaclmlsLpukpcQvIh8KVYmxNXsp7ZuFn263iRoJTLZqq42VtuW%2B2XVbmkJvHUptn%2B%2FZIsk%2B85TOBTowQYfWa5bXmU%2F6zzm1VRUd4Rn0Xi%2Fi%2F4EQVGzHHjcS63yi6cjhtJZSCkEFUmsqPC4hufAEzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4af0c22b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 teleicon-ui.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 457ms
456ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.ttf

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJD61nWjIG%2FVCBw5cYLHRzfPnRQmLtseoVXDvmgE5FRqCEuHQzL8UEjtiCwZ4Jp8wtNrUc9PkUjWjoI9m3pAZEMxGKfv4VuN%2FBlRd4f4H4xnhrTOfGCUp4G%2FPoxorlCIF0VYb2GVMKpIfUqhee5vL2fK0Dx7eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4af1c25b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 conversion_async.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 23 KB
9 KB 32ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/conversion_async.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab3e6719513e071caf669acd89fb8b819a0e9aead9bffb8ce340224f5c6ed54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108306
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aptTV%2FMjpjQ%2BNLZ19sDDy3fNhR3i%2B%2BrbQT9ESol8JOwVPvs9XFh4YThg457Lp9pm5hXGdoS%2BevRAsR%2FrrA%2B1gDO6%2F22T%2FM1HLCxKoiPR%2BO0up1tYS80EMz7K08svT%2BI7VmArwVHfyF3RWlgXwoe97RJLRw4fOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4af3c45b77f-AMS
expires: Tue, 18 Oct 2022 16:47:36 GMT

GET
H3 200 196380495960676 Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 49 KB
50 KB 247ms
246ms Script
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/196380495960676

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b928e4bff00195d50132fbd2eb4e09aed0b5d3e4ae50f58d1d48f78ad80f72d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp0WIqF9CKh5AmpOT9e8EknLSXGQ%2BU1rO20gvz%2B8M2Am1tvx8lh75JG%2B1AI4yHz01AJN2gRH%2Fce4MUGN8ObPcpfnEVrFciWRGmtV9daTv90ecsN%2Bx4Ky7ebmDL7Sj9YGO6uqbvoN2DPIp8W%2BdovCXD5yRYvHbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
accept-ranges: bytes
cf-ray: 74d5e4af3c47b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50254
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: EXPIRED

GET
H3 200 a_002 Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 92 B
600 B 453ms
452ms Script
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a_002

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12dd26d92febfda94104e8e6e1fae56a700dde48ee46d557538497d15de1e6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WX49aRhqS6NHFW8IjWkZQPRI7F3z50pcdw1bOwdQfiJInwLoVyCMZp81SQPNJGkcmyZ6AQVFZsyVLeMYBY0fMq5bjGGidUeJXsyKtJMS2v15%2BDzEZIt6eqXGo1%2FlhawxJk%2FXlpmdJtIeQDPg1qkoLlHy3l9wxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
accept-ranges: bytes
cf-ray: 74d5e4af3c48b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: EXPIRED

GET
H3 200 utag.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 96 KB
28 KB 34ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a0146cd582489b149595e14b33fbbf41cf2ddb761b2f2ef60d0bd3d3e7517d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108306
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BX4K1h%2FYOZEcTdqahN5iHaVoXjxID%2B11C624bV4N1lVbTmXFuKWTbEQ%2Fs8WFUpELjxeekFeShPeWsnh%2FLuOeTW94DoQoIGjq%2F5Jyr6HiATr%2B6FaUSLES76cjlYongquW%2B5zcTqvf%2BtKSGj9eciDrUYbgxo3UvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4b20eb1b77f-AMS
expires: Tue, 18 Oct 2022 16:47:36 GMT

GET
H3 200 utag_004.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 88 KB
25 KB 38ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_004.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7dd30fa424475486000787392372f06cf8ec1882c749a5a818fd6624b1dc37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108306
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XS%2FR4FHeCQeVI6f20jvQ%2BQih0fv8SMIpAxw%2FAtLaxOaRz%2FNjhvW2lkeqTQqVpMD%2F8rd%2Bwe6RMsPmEhXuJPvmQwuOBWZUq1k2u7UynY5v4xbKnIKqn6iQA0kV4M%2BHQQ0epdi8%2FP7z7M%2FjLgZW7vmONUWvv%2FQN3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4b21eb3b77f-AMS
expires: Tue, 18 Oct 2022 16:47:36 GMT

GET
H3 200 utag_003.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 3 KB
2 KB 32ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_003.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2b63b6a04bea042f33716a5ec7692e1cf3154f660b7e4423e5d185211810d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108306
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGTgmmVlGDezTdjylIbM6%2B8wVFJm33lFhZh7tW1W%2BBbfQShoboMDoTaXEOJnSV9ez%2BUEw%2BhEPQCM8zw4fP6yJ5FMyvArGedsGC9RGwlnoWIR1RZucaDpZpZYMPu2gh%2Bm2IOMU3BvlHRrI6iM9H3SW1Yt3Wg2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4b21eb4b77f-AMS
expires: Tue, 18 Oct 2022 16:47:36 GMT

GET
H3 200 onsite.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 127 KB
44 KB 622ms
622ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/onsite.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14382ccce783715cd78910b3b74ca0863367c01b6923b137d598e3c7a1f5900f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88B%2Bx2iOFxh9kaSTuazikcSbIMT5N4HRB1UZ0DYD3Df69K%2B8Rh0ea%2Bc46rXAjIlnSq9AQRsBRRiBZ2Mt15MkwFiiTG%2B3dcm1k3EtQNQv%2BFFrE%2Bj2tlsUyGpx1LZRGXtyUxx57rM9UJ6CtgPAVVvRFCH9%2FcM6Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4b21eb5b77f-AMS
expires: Wed, 19 Oct 2022 22:52:43 GMT

GET
H3 200 js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 91 KB
91 KB 254ms
253ms Script
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c38bcebdeb39314df096a73d8d898029c59993071e4b8a1650d1dd9fd4466b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AEL1CcXUfDa6Xk94a4%2FpUET5DCMIz2zHw9DSJfjBIKYFO3uLug5KbOCH2APxlmT3xY8aZ4h4c%2FSWd9GKh5R%2B616i%2FSrg2HTDLnkipdDAyUycUMmxzaa%2FLOJLAM3d8EPRYSW7e9uFETxHLM1IuDrIiMZxA6duQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
accept-ranges: bytes
cf-ray: 74d5e4b21eb6b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92738
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: EXPIRED

GET
H3 404 a
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 0
0 455ms
455ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYOi9U7I7edaF7Te4BLfGrBwpThO9yjGt3CeWcVellLSJ0UK41AkZDwSlunWPEAALktA4AOQl87wXb6v7c8TEWP4OHDtAL%2FO8hjO5fK1lCOMQy94IALqMYklXJk1Y%2FJTJxl%2FY7z2n4Icry3wpJwtjO1FlthhBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 74d5e4af3c4ab77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 utag_002.js Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame 4D04 104 KB
27 KB 33ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a46ae9b04fdb63d5a7132ebb1678c262d5470f74ec18d3a7e4f96de96c5b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112733
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJT6BtIApKM0in49evN8rlaUq9xUhfpMD%2B8LsemPuTtKUXaFwNAcpAEtFAMu9tWVVlPTql0D7BHlwBU3EQr4ECR2zN4V2Kr7%2FdjfCYLrmh69FQCW54VcSOf%2FzLMHL%2F2Qa6TIFe6aTbRR8C06o1agSaj1xFIuAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 74d5e4af3c4bb77f-AMS
expires: Tue, 18 Oct 2022 15:33:49 GMT

GET
H3 404 telegroteskscreen-regular.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 457ms
456ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.ttf

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oina8jFxGzkvFjHQ7lIPAB4z1J3cDrFTEdcqqP%2B7bvNuNrkCjgcZY5r3lNVOaT6%2BRG2hwxv28wlpeYg%2BTCvRc1WcADCmxcW%2BIspGvwdPoFd74ZfVRgRZGNOkMxyh5ndvWd9YvMuzaAageYjRQs1lpAtB8iZbIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4af4c4fb77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 404 telegroteskscreen-thin.ttf
costaricaretireonss.com/wp-content/themes/dir/fonts/ 0
0 459ms
458ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.ttf

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/components.css
Origin: https://costaricaretireonss.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poODoKZgiEGtAD9SGcWj%2BNkDzZvawtImgKAKopYtVDsQ1i0nucLSkd%2BjTSfThqA%2BPk5sscfjHo3PE6Q4mzEfvuBd%2Fwg9VDC8r9ulgLFG2eokAF75r9n753ptQg4aqvk3oDVsjmD%2BAQyXA299Z%2FLtJyaCl814MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 74d5e4af4c50b77f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 ls.htm Show response
costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ Frame DC21 2 KB
1 KB 164ms
164ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/ls.htm

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

306f2ebde2a8145229dd48225e00d99fecb7dc729b4cfc0b4fa15c21ddcede29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74d5e4b21ebfb77f-AMS
content-encoding: br
content-type: text/html
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Sun, 18 Sep 2022 11:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FIjcMuW1gP18ibb%2FkxJc4Y6%2B62gOg%2BQq1%2FtNefciGO7jOy%2B9Wgat8EPXCxJCtT76nD8qmttWZupvqMi4lTFbRFsg5nNNRLVFHKVXSJIQ0MYtSl3bdatW7yKnKPBV40JrxSj2GxXRcWiD7nLaF5zXBkwMaBFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ Frame 4D04 73 B
495 B 149ms
39ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 180
expires: -1

GET
H2 200 utag.12.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 11 KB
4 KB 208ms
45ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.12.js?utv=ut4.44.201808200851
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2780be4293bd393b54fb765c8ec205363800aa0daa2e8f75e8fe6dc3ccbe8ccc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 08:59:05 GMT
server: AkamaiNetStorage
etag: "00331b45ea7a8bcc1b15697b3cc47160:1659517145.93956"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4104

GET
H2 200 utag.40.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 11 KB
3 KB 537ms
375ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.40.js?utv=ut4.44.201809140739
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1a96d30a100b47d5e1e1aa27005d349a1138871aafbd0c7f615741007e8473ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 13:21:02 GMT
server: AkamaiNetStorage
etag: "57e3c8243df62213db69e782634a0582:1616678462.606911"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3223

GET
H2 200 utag.55.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 3 KB
2 KB 1293ms
1131ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.55.js?utv=ut4.44.201807100941
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62610c7225cf2c75c8c2c9e0a6ac9145a33b557f08da9429995d2b414ab933f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 13:20:55 GMT
server: AkamaiNetStorage
etag: "b51bb6e17b313627d3b66bd67220cf3e:1616678455.574718"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1514

GET
H2 200 utag.37.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 9 KB
2 KB 501ms
339ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.37.js?utv=ut4.44.201808200851
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f88e6b79e5cbd5c5bd0fc64b7747e35ab0f9d28d737482dcebec962e241bf43e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:02:56 GMT
server: AkamaiNetStorage
etag: "101be2496651d1af971f6bc57f58aeea:1597316576.155522"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2274

GET
H2 200 utag.101.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 16 KB
5 KB 539ms
377ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.101.js?utv=ut4.44.201902071424
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 43d5062c71b15a64799eb2428ac313f92af2be89a905469946aa45192407b038

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 14:23:04 GMT
server: AkamaiNetStorage
etag: "3fa78873a63a88b79b619fb0ddbc1c20:1602685384.47941"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4932

GET
H2 200 utag.120.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 15 KB
4 KB 499ms
338ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.120.js?utv=ut4.44.201808200851
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 96abded29d7f33d0939bd257815ad1828604f9d5d0d3057c489f1afff0612b06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:42:31 GMT
server: AkamaiNetStorage
etag: "d23bb6408a45d8997c543b1ca61c04fc:1602510151.057007"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4263

GET
H2 200 utag.125.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 15 KB
5 KB 336ms
335ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.125.js?utv=ut4.44.201812211142
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5bb09b27436ec99c084d4a7c1a555fc0f302081704b1e2eb20617dc522bda1cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:02:57 GMT
server: AkamaiNetStorage
etag: "34fd52d5ab3b4bbc0f4352712701702e:1597316576.963529"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4551

GET
H2 200 utag.126.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 15 KB
4 KB 845ms
844ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.126.js?utv=ut4.44.201808200838
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fc76360c70e8389fdd38e99d5c153c9d88b86569b3f42c40062f1c51ed85b336

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:42:32 GMT
server: AkamaiNetStorage
etag: "e2106e21783f1f66472ffc81ca38640f:1602510152.733921"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4265

GET
H2 200 utag.137.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 6 KB
2 KB 59ms
59ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.137.js?utv=ut4.44.201811140822
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ab2c778685ffddd1e0933e57fc864729fa8cb7921a3783d6546285c3e357aabc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 13:20:59 GMT
server: AkamaiNetStorage
etag: "855c89925a28019d50cd414a2f577f45:1616678459.349899"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2130

GET
H2 200 utag.151.js Show response
tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/ Frame 4D04 18 KB
5 KB 215ms
214ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7fb7ea7ac5d4073f1505391c735942e45e6be306696bd3572e9e53dc291848b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 12:55:16 GMT
server: AkamaiNetStorage
etag: "7e1f18db321ca90401028fb3dc3016d2:1554382516"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5035

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4D04 116 KB
46 KB 183ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1001948399

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a81c9296d219a081f0f7f2ee5e2a890682b2c70e49d7a3af62967e34857ed32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46542
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 22:20:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 22:52:43 GMT

GET
H/1.1 204
No Content 196380495960676 Show response
responder.wt-safetag.com/resp/api/get/ Frame 4D04 0
230 B 236ms
35ms Script
text/javascript 185.54.150.22
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt-safetag.com/resp/api/get/196380495960676?url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 22:52:43 GMT
Cache-Control: max-age: 0, must-revalidate
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/javascript

GET
H/1.1 200
OK geid.min.js Show response
cdn.wbtrk.net/js/ Frame 4D04 1 KB
935 B 199ms
35ms Script
application/javascript 185.54.150.115
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wbtrk.net/js/geid.min.js
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.115 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5ef468e6b28f8232ff6dc2b54f48a016be6b2776a27b7e5191ab71393637dc57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 22:52:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2016 09:43:24 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 wt
pix.telekom.de/865234457892410/ Frame 4D04 43 B
497 B 171ms
36ms Image
image/gif 185.54.150.52
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.telekom.de/865234457892410/wt?p=441,www.telekom.de.privatkunden.,1,1600x1200,24,1,1663627963257,https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F,1x1,0&tz=0&la=en&cg1=www.telekom.de&cg8=privatkunden&cg10=authentication.login&cp2=authentication.login&cp44=pk-omni-sales&cp54=not-logged-in&np=&pu=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&eor=1
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.52 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS: pix.telekom.com
Software: 1679091c /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:42 GMT
last-modified: Mon, 19 Sep 2022 22:52:43 GMT
server: 1679091c
x-robots-tag: noindex, nofollow, noarchive
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif;charset=UTF-8
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cc Show response
geid.wbtrk.net/ Frame 4D04 2 B
441 B 121ms
35ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=rtacdb&c=wt_geid&ac=wt_geid&av=816636279630068607986079&al=24&acp=/&acd=.wbtrk.net&acl=180&o=s&x=1663627963436
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c74d97b0 /
Resource Hash: 6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Mon, 19 Sep 2022 22:52:43 GMT
server: c74d97b0
x-robots-tag: noindex, nofollow, noarchive
x-wt-wcc: rtacdb
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 2
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cc Show response
geid.wbtrk.net/ Frame 4D04 2 B
222 B 101ms
36ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=rtacdb&c=wt_geid&ac=wt_geid&av=816636279630086743367433&al=24&acp=/&acd=.wbtrk.net&acl=180&o=s&x=1663627963456
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_004.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c81e728d /
Resource Hash: 6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:42 GMT
last-modified: Mon, 19 Sep 2022 22:52:43 GMT
server: c81e728d
x-robots-tag: noindex, nofollow, noarchive
x-wt-wcc: rtacdb
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 2
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 4D04 41 KB
16 KB 147ms
62ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1001948399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 22:52:43 GMT

GET
H2 200 wt
pix.telekom.de/423493631852538/ Frame 4D04 43 B
602 B 36ms
35ms Image
image/gif 185.54.150.52
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.telekom.de/423493631852538/wt?p=441,www.telekom.de.privatkunden.,1,1600x1200,24,1,1663627963480,https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F,1x1,0&tz=0&la=en&cg1=www.telekom.de&cg8=privatkunden&cg10=authentication.login&cp2=authentication.login&cp44=pk-omni-sales&cp54=not-logged-in&np=&pu=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&eor=1
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.52 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS: pix.telekom.com
Software: 6512bd43 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Mon, 19 Sep 2022 22:52:43 GMT
server: 6512bd43
x-robots-tag: noindex, nofollow, noarchive
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif;charset=UTF-8
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 hfpc.min.js Show response
t13.intelliad.de/ Frame 4D04 4 KB
2 KB 119ms
35ms Script
application/javascript 52.58.27.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t13.intelliad.de/hfpc.min.js
Requested by: Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.137.js?utv=ut4.44.201811140822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.27.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-27-30.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b95aa3f47aa13e07f6874689ff02c2a7757bd71dd61177c9ebbb55508fc7bb7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 10:44:22 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "1121-5bf4b7f416d80-gzip"
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 1911

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001948399/ Frame 4D04 2 KB
2 KB 153ms
80ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001948399/?random=1663627963626&cv=9&fst=1663627963626&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&auid=1586439315.1663627963&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

666d09a53182342e10e393f81ed946523090dd4cc35940ebe1492895196a3b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 sidebar_min.css
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 4D04 0
0 139ms
45ms Stylesheet
text/html 80.158.67.40
SCZN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css
Requested by: Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 503 sidebar_min.css
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 4D04 0
0 183ms
90ms Image
text/html 80.158.67.40
SCZN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css
Requested by: Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 crossdevice.php Show response
t23.intelliad.de/ Frame 4D04 125 B
573 B 193ms
37ms Script
application/javascript 3.71.168.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t23.intelliad.de/crossdevice.php?cl=6393536373136323131303&callback=iahfpccb&1663627963643
Requested by: Host: t13.intelliad.de
URL: https://t13.intelliad.de/hfpc.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.168.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-168-227.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 727b32f43d49e5518a4801e83cee84a7c74a605f65d8fa70428c2b3646e9d314

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-type: application/javascript
content-length: 145
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4D04 101 KB
27 KB 152ms
50ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: 6/HWmQkzyTOkT9Bt/7foBR6UAPxndfwvsOvU4ku0icW9M4X0pzdsyskYNhXv/1g7bhBqZjlcgRMidPxyRCOWdg==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 22:52:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 profiler.html Show response
ssl.xplosion.de/ Frame 9A59 176 B
620 B 108ms
32ms Document
text/html 2600:9000:2251:3e00:7:2732:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Requested by: Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.37.js?utv=ut4.44.201808200851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3e00:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f410c489fe29c824fb79a74cdd9981740d0167b0dd4c3d392561d27c043e259e

Request headers

Referer: https://costaricaretireonss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10326
content-length: 176
content-type: text/html
date: Mon, 19 Sep 2022 20:00:38 GMT
etag: "f09ec1be382233ee03b9d5a2fa90bc60"
last-modified: Wed, 30 Oct 2013 18:08:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-id: Mnvrbtz5GxbheMnt-fxo6XIRAxL6crcoc3B78QUHpWKTB5AXv8xMAw==
x-amz-cf-pop: FRA60-P3
x-amz-meta-s3cmd-attrs: uid:1127/gname:root/uname:it-mngt/gid:0/mode:33188/mtime:1382443140/atime:1382443140/ctime:1382443140
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 4D04
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

285ms
41ms

Script
application/javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx0000000000000287576e3-006328e82c-32820e60-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 19 Sep 2022 22:52:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001948399/ Frame 4D04 42 B
548 B 116ms
45ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001948399/?random=1663627963626&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&async=1&fmt=3&is_vtc=1&random=3472831591&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/1001948399/ Frame 4D04 42 B
548 B 197ms
71ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1001948399/?random=1663627963626&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&ref=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&async=1&fmt=3&is_vtc=1&random=3472831591&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fbc
fbc.wcfbc.net/v1/ Frame 4D04
Redirect Chain

https://pix.telekom.de/423493631852538/cc?a=r&c=wteid_423493631852538&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D423493631852538%26t%3D1663627963816%26err%3D
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081&rc

69 B
128 B

36ms
35ms

Image
image/png

185.54.150.123
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081&rc
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Server: 185.54.150.123 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c1a69853198ae592f980806d6d489f43d03ee49f60df58b32ad375c03127703a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
server: nginx
content-length: 69
content-type: image/png

Redirect headers

location: /v1/fbc?p=441,0&acc=423493631852538&t=1663627963816&err=&c=wteid_423493631852538&v=4166362796300390081&rc
date: Mon, 19 Sep 2022 22:52:43 GMT
server: nginx
content-length: 217
content-type: text/html; charset=UTF-8

GET
H2 200 main.js Show response
ssl.xplosion.de/scripts/ Frame 9A59 24 KB
8 KB 35ms
35ms Script
application/javascript 2600:9000:2251:3e00:7:2732:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.xplosion.de/scripts/main.js
Requested by: Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3e00:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7cc3389c6e9b2eacd26e9bd8c0ce27e8cb1f665ee620f9c13500f6eb812585e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: OopLweCu8q55EvAxCRIr2R1ZCpuEBk_J
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 10:47:26 GMT
server: AmazonS3
age: 46
etag: W/"7b4c52dd98b50730aad6f88a197222bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-transform, public
date: Mon, 19 Sep 2022 22:52:01 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: AxEzIiaFTVHnElkBUrNO94JcLe9_PlewXW5ACM8U4W7NeAwFZ2mC5w==

GET
H2 200 6393536373136323131303.js Show response
t13.intelliad.de/cl/ Frame 4D04 26 KB
6 KB 35ms
35ms Script
application/javascript 52.58.27.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t13.intelliad.de/cl/6393536373136323131303.js
Requested by: Host: t13.intelliad.de
URL: https://t13.intelliad.de/hfpc.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.27.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-27-30.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5e0a336c4dd2f591c67eb9067c1b90d93d70a091b0723f3728be497db48664b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:43 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 22:12:19 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "683b-5e90f014a96c0-gzip"
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 6293

GET
H2 503 sidebar_min.js
www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/ Frame 4D04 0
0 45ms
45ms Script
text/html 80.158.67.40
SCZN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.js
Requested by: Host: tags-eu.tiqcdn.com
URL: https://tags-eu.tiqcdn.com/utag/telekom/phoenix/prod/utag.151.js?utv=ut4.44.201901241444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 telekom.de.unterwegs.config.jsonp Show response
ssl.xplosion.de/config/ Frame 9A59 713 B
1 KB 33ms
32ms Script
application/javascript 2600:9000:2251:3e00:7:2732:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.xplosion.de/config/telekom.de.unterwegs.config.jsonp
Requested by: Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/scripts/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3e00:7:2732:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42cd8c654da6bc525e0af88cf50384e1dc44e9ed97962f20a652c3c191a1eb26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssl.xplosion.de/profiler.html?customer=telekom.de.unterwegs&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: _FMRVByoO2W7Nbc.kcZoax_AI2ac0U_B
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2017 09:08:14 GMT
server: AmazonS3
age: 2755
etag: "1b1517e95e6418f28c275e28b78905d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 19 Sep 2022 22:06:49 GMT
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 713
x-amz-cf-id: 8bu1P4edZgUyv6QhOi78ShIh7VA2md695LG8gZOCphenZqU1dZ-Lgg==

GET
H2 200 bnc.php
t23.intelliad.de/ Frame 4D04 43 B
605 B 38ms
37ms Image
image/gif 3.71.168.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/bnc.php?iacbos=bnc&cl=6393536373136323131303&sid=0.2957638485252341&fct=1663627964&lct=1663627964&nsc=0&cls=0&evid=&rand=10276523532862&uid=XD:SGu7KJ5e6rBesDvZOHmLQD0jr4j/tEDgZOqzdAcgu5nUFFCHWYJ4FetfAlXo6hWkYjwnbi2Nqshv39tq4oi24ER4nk3XfT6pzzNtSDSmabM=
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.168.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-168-227.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin: https://costaricaretireonss.com
cache-control: no-store, no-cache, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mct.php
t23.intelliad.de/ Frame 4D04 43 B
605 B 41ms
41ms Image
image/gif 3.71.168.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/mct.php?rand=5359743932511&iacbos=view&cl=6393536373136323131303&tc=&sc=&re=https%3A//costaricaretireonss.com/wp-content/themes/dir/&loc=https%3A//costaricaretireonss.com/wp-content/themes/dir/Telekom%2520Login_files/phoenix_login_tracking.htm&ia_u4pc=0&ia_c4dc=0&sft=0&ia_tld2u=&ia_bif=0&sk=15&uid=XD:SGu7KJ5e6rBesDvZOHmLQD0jr4j/tEDgZOqzdAcgu5nUFFCHWYJ4FetfAlXo6hWkYjwnbi2Nqshv39tq4oi24ER4nk3XfT6pzzNtSDSmabM=&isminifp=1
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.168.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-168-227.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
access-control-allow-origin: https://costaricaretireonss.com
cache-control: no-store, no-cache, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 1703416313287473 Show response
connect.facebook.net/signals/config/ Frame 4D04 293 KB
84 KB 556ms
510ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1703416313287473?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

484ea4f4d5ed51367f4e173e81b800343aed32334af8bd6df57a64f76f917162

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rxNYBhSy1+nFC3GVP06/2RbYCFMQfH2xDTmhingLlG3p5cotkJwahQTu56nT2QbPSFZhhSL8uuNKjqoEoFaxTg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 22:52:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
xups.xplosion.de/ Frame 9A59 4 B
493 B 144ms
42ms Script
application/json 3.248.103.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xups.xplosion.de/?cus=2000243&xplsid=243&event_id=shop_visit&shop_id=www.telekom.de.privatkunden.&shop_trackingproducts=&sessionid=567597435515059&cookieEnabled=true&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&userLang=en-US&userTimezone=0&uuid=d73c40a0-e7a9-c450-bbd5-32e6e37eae23&scorex=undefined&hasFlash=false&tg=8&xpid=&xpidsignature=&timestamp=23229760524001&scriptversion=4.6.9-SNAPSHOT&px=jsonppgbs
Requested by: Host: ssl.xplosion.de
URL: https://ssl.xplosion.de/scripts/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.103.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-103-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssl.xplosion.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Sep 2022 22:52:44 GMT
content-type: application/json

GET
H2 200 cc Show response
pix.telekom.de/423493631852538/ Frame 4D04 160 B
308 B 35ms
35ms Script
application/javascript 185.54.150.52
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.telekom.de/423493631852538/cc?a=c&c=wteid_423493631852538&rn_wteid_423493631852538=wt3_eid&v=&cp=/&cd=180&ccl=180&w=3
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.54.150.52 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS: pix.telekom.com
Software: 1679091c /
Resource Hash: d6fb5146604cc07b9ba619fe4676bd960854b1154d0b2e9995fb886c7d7f6781

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Mon, 19 Sep 2022 22:52:44 GMT
server: 1679091c
x-robots-tag: noindex, nofollow, noarchive
x-wt-wcc: toclient
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 160
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 usersync
uss.xplosion.de/ Frame 4D04 42 B
662 B 155ms
42ms Image
image/gif 54.78.90.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uss.xplosion.de/usersync?sid=92078&fpid=4166362796300390081
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.90.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-90-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Sep 2022 22:52:44 GMT
cache-control: must-revalidate,no-cache,no-store
content-type: image/gif
content-length: 42
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 4D04
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iL...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5k...

42 KB
6 KB

42ms
42ms

Script
text/javascript

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

905d2b3a1d589f9c58199ad5e1183399c62048a619d2278f274829aa54252613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 5598
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:44 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=120050&lid=3130201&ord=195726266944&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJ3d3cudGVsZWtvbS5kZSIsInN2MTAiOiJwcml2YXRrdW5kZW4iLCJzdjEyIjoiYXV0aGVudGljYXRpb24ubG9naW4iLCJzdjQwIjoibm9wcm9kdWN0cyIsInN2OTYiOiJwaG9lbml4Iiwic3YxIjoid3d3LnRlbGVrb20uZGUlN0Nwcml2YXRrdW5kZW4lN0MifQ&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 4D04 139 B
618 B 41ms
41ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=120004&ADFPageName=BLOCKED%20DOMAIN%7Ccostaricaretireonss.com&ADFdivider=%7C&ord=34451495919&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d0d8621173b58a3431981207a529619a69b8ce1941cbb3dd0426fe13f668ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 212
expires: -1

GET
H2 200 cc Show response
geid.wbtrk.net/ Frame 4D04 34 B
161 B 35ms
35ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=c&c=wt_geid&rn_wt_geid=wt_geid&v=&cp=/&cl=-1&ccd=1&w=2&x=1663627964462
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c81e728d /
Resource Hash: f9ded5934212189b61777ae3bc3fc776dab5f9e438f85d239d7b2ede571e21e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Mon, 19 Sep 2022 22:52:44 GMT
server: c81e728d
x-robots-tag: noindex, nofollow, noarchive
x-wt-wcc: toclient
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 34
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cc Show response
geid.wbtrk.net/ Frame 4D04 34 B
149 B 35ms
35ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=c&c=wt_geid&rn_wt_geid=wt_geid&v=&cp=/&cl=-1&ccd=1&w=2&x=1663627964482
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_004.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c81e728d /
Resource Hash: f9ded5934212189b61777ae3bc3fc776dab5f9e438f85d239d7b2ede571e21e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:43 GMT
last-modified: Mon, 19 Sep 2022 22:52:44 GMT
server: c81e728d
x-robots-tag: noindex, nofollow, noarchive
x-wt-wcc: toclient
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 34
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 utag.v.js Show response
tags-eu.tiqcdn.com/utag/tiqapp/ Frame 4D04 2 B
221 B 43ms
42ms Script
application/x-javascript 23.7.192.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-eu.tiqcdn.com/utag/tiqapp/utag.v.js?a=telekom/phoenix/201902071354&cb=1663627964511
Requested by: Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/utag_002.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.7.192.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-192-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22

GET
H3

200

/
www.google.nl/pagead/1p-user-list/947828095/ Frame 4D04
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=...
https://www.google.com/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=21537...
https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=215378...

42 B
64 B

114ms
47ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2153780141&ipr=y

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 22:52:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.nl/pagead/1p-user-list/947828095/?value=0&guid=ON&script=0&data=pagetype=authentication.login;pageid=www.telekom.de.privatkunden.;prodid=;prodname=;status=&is_vtc=1&random=2153780141&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 254127818673288 Show response
connect.facebook.net/signals/config/ Frame 4D04 293 KB
84 KB 494ms
494ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/254127818673288?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d5d8a9b9ce584cb9e1e57b010a3d8239ea33b748e66fd3f42d2079d9578d8a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dxzzrMrNbPcvvT8Hkdq6au61USCrB7jqV3GJwMtUzd0VNxiooVFDtHKVGl8bl2eSMl4cDXbOnnFRM7MZTRAZbw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 22:52:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4D04 44 B
297 B 131ms
44ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1703416313287473&ev=PageView&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663627964566&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1663627964565.466885311&it=1663627963904&coo=false&rqm=GET

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 19 Sep 2022 22:52:44 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4D04 44 B
91 B 88ms
43ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254127818673288&ev=PageView&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663627965082&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%223961094147318048%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22299505258411378%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663627964565.466885311&it=1663627963904&coo=false&rqm=GET

Requested by

Host: costaricaretireonss.com
URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 19 Sep 2022 22:52:45 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4D04 44 B
88 B 42ms
42ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1703416313287473&ev=Microdata&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663627966068&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1663627964565.466885311&it=1663627963904&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 19 Sep 2022 22:52:46 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4D04 44 B
88 B 42ms
42ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254127818673288&ev=Microdata&dl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2FTelekom%2520Login_files%2Fphoenix_login_tracking.htm&rl=https%3A%2F%2Fcostaricaretireonss.com%2Fwp-content%2Fthemes%2Fdir%2F&if=true&ts=1663627966583&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1663627964565.466885311&it=1663627963904&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://costaricaretireonss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:52:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 19 Sep 2022 22:52:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pix.telekom.de/423493631852538	1970-01-20 10:26:19	Name: wteid_423493631852538 Value: 4166362796300390081
pix.telekom.de/423493631852538	1969-12-31 23:59:59	Name: wtsid_423493631852538 Value: 1
pix.telekom.de/865234457892410	1970-01-20 10:26:19	Name: wteid_865234457892410 Value: 4166362796300073758
pix.telekom.de/865234457892410	1969-12-31 23:59:59	Name: wtsid_865234457892410 Value: 1
.costaricaretireonss.com/	1970-01-20 08:16:43	Name: CONSENTMGR Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1663627963200%7Cconsent:true
.costaricaretireonss.com/	1970-01-20 14:52:43	Name: utag_main Value: v_id:018357f42b4100001e93144d479003074006606c00b08$_sn:1$_ss:1$_st:1663629763203$ses_id:1663627963203%3Bexp-session$_pn:1%3Bexp-session
.costaricaretireonss.com/	1969-12-31 23:59:59	Name: first_encounter Value: 1
.costaricaretireonss.com/	1970-01-20 06:07:08	Name: wt_cdbeid Value: 1
.costaricaretireonss.com/	1970-01-20 08:16:43	Name: _gcl_au Value: 1.1.1586439315.1663627963
pix.telekom.de/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !wLM78UUesXoyPv+7MOh2eXQWYSomxk9rTJhXkIPKp6Jj2vxX9O/dDQ78Sa4zOlPaIXkAPronQoQgwA==
geid.wbtrk.net/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !MZaKYWV0yVTrk1vpjGYh4zwSUbWZoIQYQcn3Ch3+dxG5FlnlZh33Y5hcOKBNjYWptzpC21QZJRYXZQ==
.t23.intelliad.de/	1970-01-20 08:31:07	Name: iact Value: 0001EC70BBA505FB571E283AF13A97D718BE
costaricaretireonss.com/	1970-01-20 06:50:19	Name: ia-6393536373136323131303 Value: XD:SGu7KJ5e6rBesDvZOHmLQD0jr4j/tEDgZOqzdAcgu5nUFFCHWYJ4FetfAlXo6hWkYjwnbi2Nqshv39tq4oi24ER4nk3XfT6pzzNtSDSmabM=
costaricaretireonss.com/	1970-01-20 06:07:08	Name: ia_bncl_6393536373136323131303 Value: 0.2957638485252341%201663627964%201663627964%200%200
.t23.intelliad.de/	1970-01-20 08:31:07	Name: iactxd_42882 Value: 0001EC70BBA505FB571E283AF13A97D718BE
.wcfbc.net/	1970-01-20 10:26:19	Name: wt_cdbeid Value: cb0ff4f2a90defc636c7e9c8d9627aaf
.costaricaretireonss.com/	1970-01-20 10:26:19	Name: wt3_eid Value: %3B423493631852538%7C4166362796300390081
.costaricaretireonss.com/	1970-01-20 10:26:19	Name: wt_cookiecontrol Value: 1
.costaricaretireonss.com/	1970-01-20 07:33:31	Name: wt_rla Value: 865234457892410%2C1%2C1663627963260%3B423493631852538%2C3%2C1663627963482
.xplosion.de/	1970-01-20 14:52:43	Name: pid Value: BSwCBswkWsbCWiUFWifFES_sWsR8BDw3Bi70BifABifABfrr
.xplosion.de/	1970-01-20 14:52:43	Name: pid_short Value: 5qcwcDWeHUWsqVtma8y_c8IM__rr
.xplosion.de/	1970-01-20 14:52:43	Name: pid_signature Value: BsJ-wsU0ESwZHDyIWqaFWSw3BsclHQw0WqB-WQHjwsjjBDbFWDtbwJrr
.xplosion.de/	1970-01-20 14:52:43	Name: ep Value: YyjyvKc2m4mHqystIs5L
.adform.net/	1970-01-20 06:50:19	Name: C Value: 1
.adform.net/	1970-01-20 07:33:35	Name: uid Value: 5644184503070781751
.costaricaretireonss.com/	1970-01-20 08:16:43	Name: _fbp Value: fb.1.1663627964565.466885311
.doubleclick.net/	1970-01-20 15:28:43	Name: IDE Value: AHWqTUmarecuQZtTmAH7p5BCN773X4lx_ZPILr6LLXf72zslh52kt1vJ82-SSjTL
.costaricaretireonss.com/	1969-12-31 23:59:59	Name: wt_geid Value: 68934a3e9455fa72420237eb

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.ibb.co/DfzDgmX/Screenshot-8.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/images/data_protection.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.woff Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm Message: Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/196380495960676' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/teleicon-ui.ttf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm Message: Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a_002' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/a Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/fonts/telegroteskscreen-thin.ttf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking.htm Message: Refused to execute script from 'https://costaricaretireonss.com/wp-content/themes/dir/Telekom%20Login_files/phoenix_login_tracking_data/js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.css Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.telekom.de/is-bin/INTERSHOP.static/WFS/EKI-TELEKOM-Site/EKI-TELEKOM/-/functions/sidebar-dev/sidebar_min.js Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wbtrk.net
connect.facebook.net
costaricaretireonss.com
fbc.wcfbc.net
geid.wbtrk.net
googleads.g.doubleclick.net
i.ibb.co
pix.telekom.de
responder.wt-safetag.com
s2.adform.net
ssl.xplosion.de
t13.intelliad.de
t23.intelliad.de
tags-eu.tiqcdn.com
track.adform.net
uss.xplosion.de
www.facebook.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.telekom.de
xups.xplosion.de
142.250.186.34
185.54.150.115
185.54.150.123
185.54.150.22
185.54.150.52
185.54.150.79
23.7.192.80
2600:9000:2251:3e00:7:2732:be80:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2008
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3121::3
3.248.103.16
3.71.168.227
37.157.2.237
37.157.2.247
51.210.32.132
52.58.27.30
54.78.90.85
80.158.67.40
0160833250f888a24fda0fc62b1a091dcd975c910f84b8754b5cc1bde644e149
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12dd26d92febfda94104e8e6e1fae56a700dde48ee46d557538497d15de1e6cb
14382ccce783715cd78910b3b74ca0863367c01b6923b137d598e3c7a1f5900f
1a96d30a100b47d5e1e1aa27005d349a1138871aafbd0c7f615741007e8473ce
2780be4293bd393b54fb765c8ec205363800aa0daa2e8f75e8fe6dc3ccbe8ccc
29a0146cd582489b149595e14b33fbbf41cf2ddb761b2f2ef60d0bd3d3e7517d
306f2ebde2a8145229dd48225e00d99fecb7dc729b4cfc0b4fa15c21ddcede29
40f12df8ac1275dc47e45c4286652edad140acdcf82db35c82840134b53d80df
42cd8c654da6bc525e0af88cf50384e1dc44e9ed97962f20a652c3c191a1eb26
42d274b3c3f7c6565c2f3cc9b009770f143ceca121b91bc25f844f7040f18c94
43d5062c71b15a64799eb2428ac313f92af2be89a905469946aa45192407b038
484ea4f4d5ed51367f4e173e81b800343aed32334af8bd6df57a64f76f917162
4ab3e6719513e071caf669acd89fb8b819a0e9aead9bffb8ce340224f5c6ed54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a46ae9b04fdb63d5a7132ebb1678c262d5470f74ec18d3a7e4f96de96c5b805
5bb09b27436ec99c084d4a7c1a555fc0f302081704b1e2eb20617dc522bda1cb
5c2b63b6a04bea042f33716a5ec7692e1cf3154f660b7e4423e5d185211810d6
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e0a336c4dd2f591c67eb9067c1b90d93d70a091b0723f3728be497db48664b6
5ef468e6b28f8232ff6dc2b54f48a016be6b2776a27b7e5191ab71393637dc57
62610c7225cf2c75c8c2c9e0a6ac9145a33b557f08da9429995d2b414ab933f3
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
666d09a53182342e10e393f81ed946523090dd4cc35940ebe1492895196a3b23
6a81c9296d219a081f0f7f2ee5e2a890682b2c70e49d7a3af62967e34857ed32
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
6d0d8621173b58a3431981207a529619a69b8ce1941cbb3dd0426fe13f668ed9
727b32f43d49e5518a4801e83cee84a7c74a605f65d8fa70428c2b3646e9d314
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c38bcebdeb39314df096a73d8d898029c59993071e4b8a1650d1dd9fd4466b2
8d5d8a9b9ce584cb9e1e57b010a3d8239ea33b748e66fd3f42d2079d9578d8a6
8e7dd30fa424475486000787392372f06cf8ec1882c749a5a818fd6624b1dc37
905d2b3a1d589f9c58199ad5e1183399c62048a619d2278f274829aa54252613
96abded29d7f33d0939bd257815ad1828604f9d5d0d3057c489f1afff0612b06
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7fb7ea7ac5d4073f1505391c735942e45e6be306696bd3572e9e53dc291848b
ab2c778685ffddd1e0933e57fc864729fa8cb7921a3783d6546285c3e357aabc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b928e4bff00195d50132fbd2eb4e09aed0b5d3e4ae50f58d1d48f78ad80f72d4
b95aa3f47aa13e07f6874689ff02c2a7757bd71dd61177c9ebbb55508fc7bb7d
b9f56a894575e0ee1b3c6ecd875724806f9090a86dc38a62b600f7e1a8e6b3ea
c1a69853198ae592f980806d6d489f43d03ee49f60df58b32ad375c03127703a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6fb5146604cc07b9ba619fe4676bd960854b1154d0b2e9995fb886c7d7f6781
d7cc3389c6e9b2eacd26e9bd8c0ce27e8cb1f665ee620f9c13500f6eb812585e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
eefcfc1305138f6f58526af6d51a1a8ff86658dc09b93caef33a382017dd0adf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f410c489fe29c824fb79a74cdd9981740d0167b0dd4c3d392561d27c043e259e
f7c9a6a063bebf358281210d89deab95b3664efdaa7221d33003e76bb819481a
f88e6b79e5cbd5c5bd0fc64b7747e35ab0f9d28d737482dcebec962e241bf43e
f9ded5934212189b61777ae3bc3fc776dab5f9e438f85d239d7b2ede571e21e5
fc76360c70e8389fdd38e99d5c153c9d88b86569b3f42c40062f1c51ed85b336

costaricaretireonss.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

95 %HTTPS

35 %IPv6

17 Domains

23 Subdomains

23 IPs

6 Countries

722 kBTransfer

2020 kBSize

28 Cookies

0 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

costaricaretireonss.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

95 %
HTTPS

35 %
IPv6

17
Domains

23
Subdomains

23
IPs

6
Countries

722 kB
Transfer

2020 kB
Size

28
Cookies

79 HTTP transactions
0 data transactions