icardssercurerty.ga Open in urlscan Pro
109.71.253.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.do/fRhHS
Effective URL:
https://icardssercurerty.ga/inloggen/
Submission: On July 07 via manual (July 7th 2021, 1:03:17 pm UTC) from PH

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 109.71.253.24, located in Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is icardssercurerty.ga.
TLS certificate: Issued by R3 on July 7th 2021. Valid for: 3 months.

This is the only time icardssercurerty.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.83.52.76 54.83.52.76	14618 (AMAZON-AES) (AMAZON-AES)
1 1	94.130.191.239 94.130.191.239	24940 (HETZNER-AS) (HETZNER-AS)
1 1	213.164.205.116 213.164.205.116	8473 (BAHNHOF w...) (BAHNHOF www.bahnhof.net)
29	109.71.253.24 109.71.253.24	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
1	54.154.112.158 54.154.112.158	16509 (AMAZON-02) (AMAZON-02)
5	52.211.46.23 52.211.46.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
41	7

1 54.83.52.76 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com

bit.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.191.239 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: yerl.org

yerl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.164.205.116 (Tjoernarp, Sweden) 1 redirects

ASN8473 (BAHNHOF www.bahnhof.net, SE)
PTR: h-213-164-205-116.NA.cust.bahnhof.se

p.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 109.71.253.24 (Germany)

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: web07.bero-host.de

icardssercurerty.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

deploy.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.112.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-112-158.eu-west-1.compute.amazonaws.com

kpn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.211.46.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

collect.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kpn.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	icardssercurerty.ga icardssercurerty.ga	835 KB
7	mopinion.com deploy.mopinion.com collect.mopinion.com kpn.mopinion.com	158 KB
1	googleapis.com fonts.googleapis.com	653 B
1	blueconic.net kpn.blueconic.net Failed	695 B
1	adobedtm.com assets.adobedtm.com	13 KB
1	p.st 1 redirects p.st	702 B
1	yerl.org 1 redirects yerl.org	231 B
1	bit.do 1 redirects bit.do	217 B
0	Failed function sub() { [native code] }. Failed
41	9

	Domain	Requested by
29	icardssercurerty.ga	icardssercurerty.ga
4	kpn.mopinion.com	collect.mopinion.com
2	deploy.mopinion.com	icardssercurerty.ga
1	fonts.googleapis.com	collect.mopinion.com
1	collect.mopinion.com	icardssercurerty.ga
1	kpn.blueconic.net	icardssercurerty.ga
1	assets.adobedtm.com	icardssercurerty.ga
1	p.st	1 redirects
1	yerl.org	1 redirects
1	bit.do	1 redirects
0	mopinion Failed	icardssercurerty.ga
41	11

This site contains links to these domains. Also see Links.

Domain
www.kpn.com
www.microsoft.com

Subject Issuer	Validity	Valid
icardssercurerty.ga R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.mopinion.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-07-31` - `2021-08-01`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://icardssercurerty.ga/inloggen/
Frame ID: 24ACE374A9AAC697A695DA0A0D7CABD1
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.do/fRhHS HTTP 301
https://yerl.org/s1GHY HTTP 301
https://p.st/Tb7Mt HTTP 301
https://icardssercurerty.ga/inloggen/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

41
Requests

95 %
HTTPS

22 %
IPv6

9
Domains

11
Subdomains

7
IPs

4
Countries

1034 kB
Transfer

2785 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kpn.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/nl-nl/download/internet-explorer.aspx
Title: Klik hier om de nieuwste Internet Explorer te downloaden

Search URL Search Domain Scan URL

URL: https://www.kpn.com/prive/klantenservice.htm?s_tnt=69996:1:0
Title: Klantenservice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.do/fRhHS HTTP 301
https://yerl.org/s1GHY HTTP 301
https://p.st/Tb7Mt HTTP 301
https://icardssercurerty.ga/inloggen/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
icardssercurerty.ga/inloggen/
Redirect Chain

http://bit.do/fRhHS
https://yerl.org/s1GHY
https://p.st/Tb7Mt
https://icardssercurerty.ga/inloggen/

18 KB
5 KB

157ms
42ms

Document
text/html

109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PHP/7.4.20 PleskLin
Resource Hash: 797065f78ca3032a82134112c17efd571c19202469199689520eed173a1d63d8

Request headers

:method: GET
:authority: icardssercurerty.ga
:scheme: https
:path: /inloggen/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 07 Jul 2021 13:02:53 GMT
content-type: text/html; charset=UTF-8
content-length: 5330
x-powered-by: PHP/7.4.20 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm; path=/
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

content-security-policy: default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src 'self' 'nonce-ff7fDghfghj' 'nonce-mA7fDgQnThX' 'nonce-jhF7678dskjg' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'sha256-znTvaXc8azK9T8UHiFDfn+qUjtj/my1gSWkWymuPWLs=' 'sha256-m+CLOWTu5rfDay4iccFAKJ0JHZCeWh9Z9+fObnIIyZM=' 'sha256-YCKsnlyEhecmWP9ffZU3lberCEFYBpVEyuDz/6/BK5w=' 'sha256-m+CLOWTu5rfDay4iccFAKJ0JHZCeWh9Z9+fObnIIyZM='; style-src * 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Wed, 07 Jul 2021 13:02:53 GMT
location: https://icardssercurerty.ga/inloggen/
permissions-policy: geolocation=(), microphone=()
referrer-policy: strict-origin
server: Apache/2.4.41 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
x-xss-protection: 1; mode=block
content-length: 69

GET
H2 200 main_v4.css
icardssercurerty.ga/inloggen/XMO/ 266 KB
31 KB 55ms
54ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: d9a1a62b921dc0b8421a261c7379aadfa68b6912bbdd143fefdb44f64f005244

Request headers

:path: /inloggen/XMO/main_v4.css
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56490-42873"
last-modified: Wed, 07 Jul 2021 08:23:44 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 survey.js Show response
icardssercurerty.ga/inloggen/XMO/ 108 KB
26 KB 79ms
77ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/survey.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 2e0cc000213af7d7d59e58200660c859e941e7afdb2e5539bc33f79a18e5185d

Request headers

:path: /inloggen/XMO/survey.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56497-1ae13"
last-modified: Wed, 07 Jul 2021 08:23:51 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 plx.check.js Show response
icardssercurerty.ga/inloggen/XMO/ 360 B
418 B 41ms
39ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/plx.check.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: c55e91bc4645c22c9d4a0af4384791919cdd08266f7750b1166a4ab1bcd8c4e3

Request headers

:path: /inloggen/XMO/plx.check.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: gzip
etag: "168-5c68441e15fc1-gzip"
last-modified: Wed, 07 Jul 2021 08:23:46 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 201

GET
H2 200 launch-EN7116e05fcd714beb8bde5c6a11d8b7c5.js Show response
icardssercurerty.ga/inloggen/XMO/ 85 KB
23 KB 72ms
70ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/launch-EN7116e05fcd714beb8bde5c6a11d8b7c5.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: e37de5fb79d338800040db0f07a83b6bb8f69dab4a5a21d2f5bd3b0f0e917170

Request headers

:path: /inloggen/XMO/launch-EN7116e05fcd714beb8bde5c6a11d8b7c5.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e5648f-152e5"
last-modified: Wed, 07 Jul 2021 08:23:43 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 kpn.js Show response
icardssercurerty.ga/inloggen/XMO/ 131 KB
38 KB 78ms
76ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/kpn.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: a46bc38e9d3a43b68cb2fb070882f4e40fba75f9731513ad015aa4be08ba2365

Request headers

:path: /inloggen/XMO/kpn.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e5648e-20d7c"
last-modified: Wed, 07 Jul 2021 08:23:42 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 mopinion.js Show response
icardssercurerty.ga/inloggen/XMO/ 463 B
510 B 80ms
78ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/mopinion.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: dac4165a04ca908706e38cfd6b8e68ffbc451fbda9fbb28c54ef0a01a642b788

Request headers

:path: /inloggen/XMO/mopinion.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: gzip
etag: "1cf-5c68441c21fec-gzip"
last-modified: Wed, 07 Jul 2021 08:23:44 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 294

GET
H2 200 pastease.js Show response
icardssercurerty.ga/inloggen/XMO/ 29 KB
9 KB 80ms
77ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/pastease.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 707b6b0a3cc82ef2c2878174fe80f81c4b5ff76635dec78e13ed969b03e3a1e4

Request headers

:path: /inloggen/XMO/pastease.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56491-74f2"
last-modified: Wed, 07 Jul 2021 08:23:45 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 AppMeasurement.js Show response
icardssercurerty.ga/inloggen/XMO/ 36 KB
13 KB 90ms
88ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/AppMeasurement.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea

Request headers

:path: /inloggen/XMO/AppMeasurement.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56484-8e2a"
last-modified: Wed, 07 Jul 2021 08:23:32 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 mouseflow.js Show response
icardssercurerty.ga/inloggen/XMO/ 2 KB
787 B 86ms
83ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/mouseflow.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: d336d481a319618dde09bcd0d01e5b6435c71d180e9c78cb5b2de76a5e8c3cb7

Request headers

:path: /inloggen/XMO/mouseflow.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56491-836"
last-modified: Wed, 07 Jul 2021 08:23:45 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 598ed7d6-e2d5-470e-ad57-21a39dc791cd.js Show response
icardssercurerty.ga/inloggen/XMO/ 159 KB
43 KB 87ms
84ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/598ed7d6-e2d5-470e-ad57-21a39dc791cd.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: a4698174e021ef0a116602d9cab8db4e322af70e78fc2cf1124dde936cceaca3

Request headers

:path: /inloggen/XMO/598ed7d6-e2d5-470e-ad57-21a39dc791cd.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56483-27ac1"
last-modified: Wed, 07 Jul 2021 08:23:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 ping.js Show response
icardssercurerty.ga/inloggen/XMO/ 372 KB
96 KB 102ms
100ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/ping.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 5ae4c1036263812baba8c9d796f445e828fd331e9e80084c00f3584f61774771

Request headers

:path: /inloggen/XMO/ping.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56492-5cee4"
last-modified: Wed, 07 Jul 2021 08:23:46 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 stream Show response
icardssercurerty.ga/inloggen/XMO/ 3 KB
3 KB 95ms
93ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/stream
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: b14e4ba4ef825743a33c50f80b19ef20f1df08843babfd298fdba2489fd7939e

Request headers

:path: /inloggen/XMO/stream
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e56496-be3"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 3043

GET
H2 200 pingvp.css
icardssercurerty.ga/inloggen/XMO/ 9 KB
2 KB 84ms
83ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/pingvp.css
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 9787862fae716fafa03a911aa4a1d9ddac00ad3bcd5809e6cf27f6a6219cdf1a

Request headers

:path: /inloggen/XMO/pingvp.css
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56492-24b6"
last-modified: Wed, 07 Jul 2021 08:23:46 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 kpn.css
icardssercurerty.ga/inloggen/XMO/ 142 KB
22 KB 91ms
90ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/kpn.css
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 4376c1be03765c0ee6ba1596219b9b557674ada87ccadb0ec0165a68958eb01c

Request headers

:path: /inloggen/XMO/kpn.css
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e5648e-2397e"
last-modified: Wed, 07 Jul 2021 08:23:42 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 7fd4e6ba5a2a4b49b75ccdad15819c872a6f7ba0.css
icardssercurerty.ga/inloggen/XMO/ 17 KB
2 KB 94ms
93ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/7fd4e6ba5a2a4b49b75ccdad15819c872a6f7ba0.css
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 3449fbd65710fddb758727a69f80508a0718f13f220b3237b42c1440762952c5

Request headers

:path: /inloggen/XMO/7fd4e6ba5a2a4b49b75ccdad15819c872a6f7ba0.css
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56483-438e"
last-modified: Wed, 07 Jul 2021 08:23:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 service.bmp
icardssercurerty.ga/inloggen/XMO/ 279 KB
279 KB 95ms
92ms Image
image/x-ms-bmp 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icardssercurerty.ga/inloggen/XMO/service.bmp
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: c8df73e13b09cb756587e3fac46ab4440416f716811e977dc3ed9b150ced3be0

Request headers

:path: /inloggen/XMO/service.bmp
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:48 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e56494-45ae6"
content-type: image/x-ms-bmp
accept-ranges: bytes
content-length: 285414

GET
H2 200 pingvpembed.js Show response
icardssercurerty.ga/inloggen/XMO/ 3 KB
1 KB 39ms
39ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/pingvpembed.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 304d754b73b12f50b6f1bd36fc5204bed9c2fe740e2cd52d64d8176a1ec4a412

Request headers

:path: /inloggen/XMO/pingvpembed.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56492-bbc"
last-modified: Wed, 07 Jul 2021 08:23:46 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 configuration.js Show response
icardssercurerty.ga/inloggen/XMO/ 2 KB
865 B 40ms
39ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/configuration.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: a6a479ab251634c55e55bf4ed1905f3104cc45ba28e2019b87e0615f67d298b7

Request headers

:path: /inloggen/XMO/configuration.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56489-754"
last-modified: Wed, 07 Jul 2021 08:23:37 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 settings.js Show response
icardssercurerty.ga/inloggen/XMO/ 1 KB
701 B 46ms
44ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/settings.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 16ca89ddc3728451d0d22dd3afea1cdf72e8de50e16d4a4d80b916323a480f66

Request headers

:path: /inloggen/XMO/settings.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56494-540"
last-modified: Wed, 07 Jul 2021 08:23:48 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 app.js Show response
icardssercurerty.ga/inloggen/XMO/ 347 KB
83 KB 59ms
57ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/app.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: de3b3f019905832c6ea674b910b76350855993b292fc3a276d0853e620dafd67

Request headers

:path: /inloggen/XMO/app.js
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
etag: W/"60e56484-56cb0"
last-modified: Wed, 07 Jul 2021 08:23:32 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 404 frontendConfig Show response
icardssercurerty.ga/api/cigateway/v1/ 808 B
501 B 41ms
40ms XHR
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/api/cigateway/v1/frontendConfig
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

:path: /api/cigateway/v1/frontendConfig
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
content-encoding: br
last-modified: Wed, 07 Jul 2021 08:16:43 GMT
server: nginx
etag: W/"328-5c68428abc628"
content-type: text/html

GET
H2 200 KPN_Logo.png
icardssercurerty.ga/inloggen/XMO/ 36 KB
36 KB 80ms
77ms Image
image/png 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icardssercurerty.ga/inloggen/XMO/KPN_Logo.png
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 927482bbdc2ec85d0bc3a542f64bf59152ce314c668c89bf10f7060eb0bc2dd3

Request headers

:path: /inloggen/XMO/KPN_Logo.png
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:43 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e5648f-8e61"
content-type: image/png
accept-ranges: bytes
content-length: 36449

GET
H2 200 step1_green.png
icardssercurerty.ga/inloggen/XMO/ 5 KB
5 KB 81ms
80ms Image
image/png 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icardssercurerty.ga/inloggen/XMO/step1_green.png
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 4d489a541801678449b98d485fe27d232257ae7edd6f648b60acf92e95d20c26

Request headers

:path: /inloggen/XMO/step1_green.png
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:49 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e56495-120e"
content-type: image/png
accept-ranges: bytes
content-length: 4622

GET
H2 200 step3.png
icardssercurerty.ga/inloggen/XMO/ 5 KB
5 KB 89ms
87ms Image
image/png 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icardssercurerty.ga/inloggen/XMO/step3.png
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 3ebed0b4613a88832475127625aafb9a8aebb5b7f699112a81ad617a63c9ac51

Request headers

:path: /inloggen/XMO/step3.png
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e56496-1427"
content-type: image/png
accept-ranges: bytes
content-length: 5159

GET
H2 200 step2.png
icardssercurerty.ga/inloggen/XMO/ 4 KB
4 KB 65ms
63ms Image
image/png 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icardssercurerty.ga/inloggen/XMO/step2.png
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 641e1e8629a6359b91452217eb533e57f659ce633e10fcad27f3c6789b7c3526

Request headers

:path: /inloggen/XMO/step2.png
pragma: no-cache
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e56496-1169"
content-type: image/png
accept-ranges: bytes
content-length: 4457

GET
H2 200 KPN-Accent-Light.woff
icardssercurerty.ga/inloggen/XMO/ 38 KB
38 KB 89ms
88ms Font
font/woff 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/KPN-Accent-Light.woff
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: cbaa9de381d14882a91588bbc728211d3f7507b233abf7c4a9fa5cbcf1d6b6dd

Request headers

sec-fetch-mode: cors
origin: https://icardssercurerty.ga
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
:path: /inloggen/XMO/KPN-Accent-Light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://icardssercurerty.ga
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:40 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e5648c-9628"
content-type: font/woff
accept-ranges: bytes
content-length: 38440

GET
H2 200 KPN-Sans-Bold.woff
icardssercurerty.ga/inloggen/XMO/ 34 KB
34 KB 109ms
108ms Font
font/woff 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/KPN-Sans-Bold.woff
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: b2bb956c3d2a6760769e3aba4123d4956a1815e599fbfa571e5cf680d1c88638

Request headers

sec-fetch-mode: cors
origin: https://icardssercurerty.ga
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
:path: /inloggen/XMO/KPN-Sans-Bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://icardssercurerty.ga
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e5648d-86fc"
content-type: font/woff
accept-ranges: bytes
content-length: 34556

GET
H2 200 KPN-Sans-Normal.woff
icardssercurerty.ga/inloggen/XMO/ 34 KB
35 KB 82ms
81ms Font
font/woff 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://icardssercurerty.ga/inloggen/XMO/KPN-Sans-Normal.woff
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 3da8d27a948ec45c4bcf23fe41306d21ea474da3b147b92b117bd54ccc981b4d

Request headers

sec-fetch-mode: cors
origin: https://icardssercurerty.ga
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=fdfqffhufv14er50rclv446iqm
:path: /inloggen/XMO/KPN-Sans-Normal.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: icardssercurerty.ga
referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://icardssercurerty.ga
Referer: https://icardssercurerty.ga/inloggen/XMO/main_v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:53 GMT
last-modified: Wed, 07 Jul 2021 08:23:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "60e5648d-896c"
content-type: font/woff
accept-ranges: bytes
content-length: 35180

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa4a23b2bca4342e0cc4764ca21b5f7c98d60132667613ada2d9b0582132be39

Request headers

Origin: https://icardssercurerty.ga
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ 36 KB
13 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement.min.js
Requested by: Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/launch-EN7116e05fcd714beb8bde5c6a11d8b7c5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 22:19:26 GMT
server: AkamaiNetStorage
etag: "279821f231e2e055aa15fd6e6ae29d46:1568067566.281876"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://icardssercurerty.ga
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13336
expires: Wed, 07 Jul 2021 14:02:54 GMT

GET
H2 200 pastease.js Show response
deploy.mopinion.com/js/ 30 KB
11 KB 104ms
34ms Script
application/javascript 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/js/pastease.js

Requested by

Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/mopinion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-12.fra2.r.cloudfront.net

Software

nginx / Pastea.se

Resource Hash

2811cf943a6212da4ac37d3e85ddfb1cd520816d86ecb7e7e85e9356bc70ffc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 12200
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
date: Wed, 07 Jul 2021 09:39:37 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jun 2021 14:25:25 GMT
server: nginx
etag: W/"7849-179d76a1808"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: qxpkfs27IJcVD3XPBxS5BDbn4L9vp1nOWyKL1m7v64i-Nmlb1VTMdQ==

POST json
kpn.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 wb6aaiy2boc422neecdzpqh43zqmptiyfzx Show response
deploy.mopinion.com/config/ 66 KB
10 KB 94ms
33ms XHR
application/json 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/config/wb6aaiy2boc422neecdzpqh43zqmptiyfzx

Requested by

Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/pastease.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-12.fra2.r.cloudfront.net

Software

nginx / Pastea.se

Resource Hash

5fd9fb60dfc877b1580c15cb4c48fe215d361bc69883738b12b8eaded4754e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 12:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1539
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: chYJTcZAm-YuZlnMaBroAJjd7GkIrRWSxec3Ol8_-94-KGwGDYcYow==

GET
H2 200 / Show response
kpn.blueconic.net/DG/DEFAULT/rest/rpc/ 14 B
695 B 39ms
38ms Script
text/javascript 54.154.112.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kpn.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221625662974047%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Ficardssercurerty.ga%2Finloggen%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221625662974048%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221625662974050%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221625662974051%22%7D%5D&referer=https%3A%2F%2Ficardssercurerty.ga%2Finloggen%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-07-07T15%3A02%3A54%2B02%3A00&callback=bc_json769

Requested by

Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/XMO/kpn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.112.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-112-158.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

c0b259d2e5f779a3791ea92c890c6e987b9060e798fe7ad4fe2bc6e08535468b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 34
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 survey.min.js Show response
collect.mopinion.com/assets/surveys/1.3/js/ 108 KB
31 KB 156ms
62ms Script
application/javascript 52.211.46.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Requested by

Host: icardssercurerty.ga
URL: https://icardssercurerty.ga/inloggen/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.46.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

db61b0072613ae85a75625641561fc713249364859029bae3fe11eac97674519

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
content-length: 28376
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1ae2f-5a843eec95380-gzip"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Wed, 14 Jul 2021 13:02:54 GMT

GET stream
mopinion/survey/public/ 0
0

GET
H2 200 stream Show response
kpn.mopinion.com/survey/public/ 8 KB
8 KB 112ms
104ms Script
application/javascript 52.211.46.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kpn.mopinion.com/survey/public/stream?key=cdbc4e702f848a5b000af6f8206325b4a5d6ad9f&domain=kpn.mopinion.com&version=1.3

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.46.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

938dd23167f39fe6701ad4e189f27152d591efd2ac36edf4b178c2a674c8fde5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
content-length: 4812
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
653 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 11:12:31 GMT
server: ESF
date: Wed, 07 Jul 2021 13:02:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 13:02:54 GMT

GET
H2 200 survey-base.css
kpn.mopinion.com/assets/css/surveys/ 206 KB
67 KB 49ms
49ms Stylesheet
text/css 52.211.46.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kpn.mopinion.com/assets/css/surveys/survey-base.css?v=3

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.46.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6776eaecf3894cfe36b03417da9ff1d917b247553b9eb68dc96041b336e88304

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3389b-5a843eeba1140-gzip"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Wed, 14 Jul 2021 13:02:54 GMT

GET
H2 200 survey-kpn-new.css
kpn.mopinion.com/assets/css/surveys/themes/ 138 KB
27 KB 55ms
54ms Stylesheet
text/css 52.211.46.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kpn.mopinion.com/assets/css/surveys/themes/survey-kpn-new.css

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.46.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e21fb14e72ea679177187c0d111d5932a57033de2b38cb2a7a555d5ab3cee20a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
content-length: 24609
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "22891-5a843eeba1140-gzip"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Wed, 14 Jul 2021 13:02:54 GMT

GET
H2 200 cdbc4e702f848a5b000af6f8206325b4a5d6ad9f
kpn.mopinion.com/survey/public/custom-css/ 632 B
3 KB 86ms
86ms Stylesheet
text/css 52.211.46.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kpn.mopinion.com/survey/public/custom-css/cdbc4e702f848a5b000af6f8206325b4a5d6ad9f?version=1.3

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/assets/surveys/1.3/js/survey.min.js?d=30032020

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.46.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-46-23.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3bac6224d05b727c3f82b144b0bc7b4ba7c58703874f763434b53a97990e83c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icardssercurerty.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
content-length: 289
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net; frame-src 'self' www.youtube.com player.vimeo.com js.stripe.com
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Wed, 14 Jul 2021 13:02:54 GMT

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e702d953b48587aa04b67a108451883140dd0bf997f23df4b288bdbde856c73

Request headers

Origin: https://icardssercurerty.ga
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kpn.blueconic.net
URL: https://kpn.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Ficardssercurerty.ga%2Finloggen%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-07-07T15%3A02%3A54%2B02%3A00&ts=1625662974048

Domain: mopinion
URL: https://mopinion/survey/public/stream?key=cdbc4e702f848a5b000af6f8206325b4a5d6ad9f&domain=mopinion&version=1.3

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
icardssercurerty.ga/	1969-12-31 23:59:59	Name: BCRevision_1625662974050 Value: %7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1625662974050%22%7D
icardssercurerty.ga/	1969-12-31 23:59:59	Name: BCRevision_1625662974048 Value: %7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ficardssercurerty.ga%2Finloggen%2F%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1625662974048%22%7D
icardssercurerty.ga/	1969-12-31 23:59:59	Name: PHPSESSID Value: fdfqffhufv14er50rclv446iqm

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://icardssercurerty.ga/inloggen/(Line 4) Message: Page bottom
console-api	log	URL: https://icardssercurerty.ga/inloggen/XMO/kpn.js(Line 130) Message: [BC][WARNING] BlueConic request failed, please make sure 'icardssercurerty.ga' is added as a channel (or alias) in BlueConic.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bit.do
collect.mopinion.com
deploy.mopinion.com
fonts.googleapis.com
icardssercurerty.ga
kpn.blueconic.net
kpn.mopinion.com
mopinion
p.st
yerl.org
kpn.blueconic.net
mopinion
109.71.253.24
13.224.193.12
213.164.205.116
2a00:1450:4001:82f::200a
2a02:26f0:6c00:299::1e80
52.211.46.23
54.154.112.158
54.83.52.76
94.130.191.239
16ca89ddc3728451d0d22dd3afea1cdf72e8de50e16d4a4d80b916323a480f66
2811cf943a6212da4ac37d3e85ddfb1cd520816d86ecb7e7e85e9356bc70ffc8
2e0cc000213af7d7d59e58200660c859e941e7afdb2e5539bc33f79a18e5185d
304d754b73b12f50b6f1bd36fc5204bed9c2fe740e2cd52d64d8176a1ec4a412
3449fbd65710fddb758727a69f80508a0718f13f220b3237b42c1440762952c5
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3da8d27a948ec45c4bcf23fe41306d21ea474da3b147b92b117bd54ccc981b4d
3e702d953b48587aa04b67a108451883140dd0bf997f23df4b288bdbde856c73
3ebed0b4613a88832475127625aafb9a8aebb5b7f699112a81ad617a63c9ac51
4376c1be03765c0ee6ba1596219b9b557674ada87ccadb0ec0165a68958eb01c
4d489a541801678449b98d485fe27d232257ae7edd6f648b60acf92e95d20c26
5ae4c1036263812baba8c9d796f445e828fd331e9e80084c00f3584f61774771
5fd9fb60dfc877b1580c15cb4c48fe215d361bc69883738b12b8eaded4754e2c
641e1e8629a6359b91452217eb533e57f659ce633e10fcad27f3c6789b7c3526
6776eaecf3894cfe36b03417da9ff1d917b247553b9eb68dc96041b336e88304
707b6b0a3cc82ef2c2878174fe80f81c4b5ff76635dec78e13ed969b03e3a1e4
797065f78ca3032a82134112c17efd571c19202469199689520eed173a1d63d8
927482bbdc2ec85d0bc3a542f64bf59152ce314c668c89bf10f7060eb0bc2dd3
938dd23167f39fe6701ad4e189f27152d591efd2ac36edf4b178c2a674c8fde5
9787862fae716fafa03a911aa4a1d9ddac00ad3bcd5809e6cf27f6a6219cdf1a
a4698174e021ef0a116602d9cab8db4e322af70e78fc2cf1124dde936cceaca3
a46bc38e9d3a43b68cb2fb070882f4e40fba75f9731513ad015aa4be08ba2365
a6a479ab251634c55e55bf4ed1905f3104cc45ba28e2019b87e0615f67d298b7
aa4a23b2bca4342e0cc4764ca21b5f7c98d60132667613ada2d9b0582132be39
b14e4ba4ef825743a33c50f80b19ef20f1df08843babfd298fdba2489fd7939e
b2bb956c3d2a6760769e3aba4123d4956a1815e599fbfa571e5cf680d1c88638
b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c0b259d2e5f779a3791ea92c890c6e987b9060e798fe7ad4fe2bc6e08535468b
c55e91bc4645c22c9d4a0af4384791919cdd08266f7750b1166a4ab1bcd8c4e3
c8df73e13b09cb756587e3fac46ab4440416f716811e977dc3ed9b150ced3be0
cbaa9de381d14882a91588bbc728211d3f7507b233abf7c4a9fa5cbcf1d6b6dd
d336d481a319618dde09bcd0d01e5b6435c71d180e9c78cb5b2de76a5e8c3cb7
d9a1a62b921dc0b8421a261c7379aadfa68b6912bbdd143fefdb44f64f005244
dac4165a04ca908706e38cfd6b8e68ffbc451fbda9fbb28c54ef0a01a642b788
db61b0072613ae85a75625641561fc713249364859029bae3fe11eac97674519
de3b3f019905832c6ea674b910b76350855993b292fc3a276d0853e620dafd67
e21fb14e72ea679177187c0d111d5932a57033de2b38cb2a7a555d5ab3cee20a
e37de5fb79d338800040db0f07a83b6bb8f69dab4a5a21d2f5bd3b0f0e917170
e3bac6224d05b727c3f82b144b0bc7b4ba7c58703874f763434b53a97990e83c

icardssercurerty.ga Open in urlscan Pro 109.71.253.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

95 %HTTPS

22 %IPv6

9 Domains

11 Subdomains

7 IPs

4 Countries

1034 kBTransfer

2785 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

icardssercurerty.ga Open in urlscan Pro
109.71.253.24 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

22 %
IPv6

9
Domains

11
Subdomains

7
IPs

4
Countries

1034 kB
Transfer

2785 kB
Size

3
Cookies

41 HTTP transactions
2 data transactions