r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16752
Expires: Sun, 06 Nov 2022 18:58:02 GMT
Date: Sun, 06 Nov 2022 14:18:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5891
Cache-Control: max-age=165024
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:50 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:09:14 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5891
Cache-Control: max-age=165024
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:50 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:09:14 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9378
Expires: Sun, 06 Nov 2022 16:55:08 GMT
Date: Sun, 06 Nov 2022 14:18:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 13:43:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LNoiVt6bX1UxMLp1eoDx5b5gqAzjT4/2r5AM3Y0/LD78jxewykGyGZm1JP2gODJ1xx6SaTy8goc=
x-amz-request-id: R61BR73K5MDPAJER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 14:10:28 GMT
age: 502
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82af89be5b34cf6882b2fac0233a8b32
9ad0b138f55f77306cec05b01889cba614de5023
209d636b085aa94408e2db229698de4cd3c98fc14eb49789deaa48d14ed0ea63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209D636B085AA94408E2DB229698DE4CD3C98FC14EB49789DEAA48D14ED0EA63"
Last-Modified: Sun, 06 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Sun, 06 Nov 2022 20:18:42 GMT
Date: Sun, 06 Nov 2022 14:18:51 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/
91.218.65.6200 OK 16 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/
IP 91.218.65.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19360)
Hash d10f066c6c6361e2f0bb6818ba281e76
6d2da89cf22a29dc9bcd00439e6575610948705f
ff39b33af90ebf4fe8ea2861b1f8941574ec59496eb76986298ab7642aa6cd24
Analyzer Verdict Alert openphish International Card Services B.V
GET /icsics/ HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: text/html; charset=UTF-8
content-length: 16174
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.32, PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/plx.check.js
91.218.65.6200 OK 209 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/plx.check.js
IP 91.218.65.6:0
Hash 65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929
GET /icsics/SCI/plx.check.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:30 GMT
etag: "195-5ec9266619b8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/proxyid.js
91.218.65.6200 OK 170 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/proxyid.js
IP 91.218.65.6:0
File type ASCII text, with no line terminators
Hash df12345b39e09a10716a3d123eed0456
0eaa13a8a6acb765c1ef90b80827244ae1ec2453
c64bd5b1de5bb032bb18fe298f50ab7678848b765b9a81b250444f8506e95f10
GET /icsics/SCI/proxyid.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
content-length: 170
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:38 GMT
etag: "a4-5ec9266e1a98e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/js
91.218.65.6200 OK 111 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/js
IP 91.218.65.6:0
File type ASCII text, with very long lines (1571)
Size 111 kB (110845 bytes)
Hash a6de53e4b3f6fda18ee2a9883ada2f2f
4c403c12f363f02a46db9bbafa72d527011e1777
358c3a6c47b288112cef0f6d932d8b7ce82ef30da914bd9bb25611d033a22d22
GET /icsics/SCI/js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/octet-stream
content-length: 110845
last-modified: Thu, 03 Nov 2022 15:13:23 GMT
etag: "6363da93-1b0fd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/extra-veilig-inloggen.png
91.218.65.6200 OK 2.6 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/extra-veilig-inloggen.png
IP 91.218.65.6:0
File type PNG image data, 193 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash d92d46789bd26332413f749c9049025f
bd82a9f760c742e15c609555753f25b7cb24b0a0
23b6fb0108b94d2d81693c51c160e6be5d60855078f0a042a13334e81b79dec9
GET /icsics/SCI/extra-veilig-inloggen.png HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: image/png
content-length: 2604
last-modified: Thu, 03 Nov 2022 15:13:20 GMT
etag: "6363da90-a2c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/zero.png
91.218.65.6200 OK 68 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/zero.png
IP 91.218.65.6:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /icsics/SCI/zero.png HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:42 GMT
etag: "44-5ec92671db8e9"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/8574.js
91.218.65.6200 OK 8.6 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/8574.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (16427)
Hash 86e3949a771e1496812c2734cee3d4f3
28eb4b79969680dc5c1f5517f6b5158315667813
edbf00844b29b9751d466fa00f8c23551ff7ab7ee185128fc56650e4eaa82e28
GET /icsics/SCI/8574.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:15 GMT
etag: W/"6363da8b-402c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/fbevents.js
91.218.65.6200 OK 18 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/fbevents.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (34629)
Hash f69031781e0cb1f85aadc6a81b64fe34
584f427a8d6f399ece11dbe8b9d15e7935765d7d
d54d11b5bd7ce35bc4f5700657f5e6fe0b3b3441e37b4530968ce88e6199258e
GET /icsics/SCI/fbevents.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:21 GMT
etag: W/"6363da91-1e5e9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PVW329
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PVW329
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash d5978360193d4f0661a2aa624678fc29
c40238d305b6e46a7abb75bf6b2bf75b8deda07e
b58845319b7a7084d9fb9c54268d5ae51987ef4837a32065d15113a4d1043943
GET /gtm.js?id=GTM-PVW329 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:18:51 GMT
expires: Sun, 06 Nov 2022 14:18:51 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/collectddna.js
91.218.65.6200 OK 12 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/collectddna.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (2697), with no line terminators
Hash 279769698b013f61088ce2a7e19c37b2
33085aafd6b8933804de3f4f85dd1ff83c92bf4a
bcac375be990bfa9d5c00562f8a14aadb3a8a59b8bd2f389e7d8bf94c9a11325
GET /icsics/SCI/collectddna.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:16 GMT
etag: W/"6363da8c-a89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/arcotfpcollect.js
91.218.65.6200 OK 10 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/arcotfpcollect.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (33621), with no line terminators
Hash c24f7f219a5a39a88f73f1cc21a34a0c
df76738af45700506534921f9fb8e18cd863753f
9e26aef595e60abc6c25bb7157a504d51979ee7cac07b9d09337724385c184e7
GET /icsics/SCI/arcotfpcollect.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:16 GMT
etag: W/"6363da8c-8355"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/gtm.js
91.218.65.6200 OK 122 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/gtm.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (1538)
Size 122 kB (121599 bytes)
Hash 7b35dbdd7258bbb05f4a1fc41411f81b
c5ee823b86be80c2326381c4fff6b192ad7988d9
c3b8c9564d31b1be11650a15c580881e9b9b05f03037443a2ae4b9b0cac2b9af
GET /icsics/SCI/gtm.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:21 GMT
etag: W/"6363da91-1d455"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
142.250.74.168200 OK 121 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (65321)
Size 121 kB (120826 bytes)
Hash 00451a91dbb3bf83582195874814daaa
47eeb3d051431a1a33eeb3981dce572b9033dfbd
52ca89e62098c318e1a26297644aa7b4a7327dbf4bc0718b0011e047ab4a844f
GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:18:51 GMT
expires: Sun, 06 Nov 2022 14:18:51 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 120826
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main.js
91.218.65.6200 OK 139 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (32099)
Size 139 kB (138789 bytes)
Hash 60b1c00182a0ecc40ac8f3271a440a13
d00b7013f50d24e1e2c0c3360751dce7ac62cc40
57ed8a0130b8c9bcadda427cc54464cd85d4c6d66536d144bc4397d1ba485426
GET /icsics/SCI/main.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:28 GMT
etag: W/"6363da98-2e4c2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/jquery-1.js
91.218.65.6200 OK 39 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/jquery-1.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (32060)
Hash bc594030d19bc5800c0507c38d299e2a
cefd32bdea108a3a3b7f064a59212a6ce23a119e
65d60077db6c102c89fe9d7871b0b0c67a878484f2f2d52de599056c8ec60657
GET /icsics/SCI/jquery-1.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:23 GMT
etag: W/"6363da93-17c52"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/sunot-bold-webfont.woff2
91.218.65.6200 OK 25 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/sunot-bold-webfont.woff2
IP 91.218.65.6:0
File type Web Open Font Format (Version 2), TrueType, length 24800, version 4.66\012- data
Hash 819f042f2484072228ad1cb32902ffd8
22955f1851a789580b5c6136886ff2ceea0726ac
265235296a58d38174ac7198a96e108c4e9c7ceceb0ccb700d352c8b99a7c99d
GET /icsics/SCI/sunot-bold-webfont.woff2 HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k; _ga=GA1.4.1036002706.1667744329; _gid=GA1.4.3313181.1667744329; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: font/woff2
content-length: 24800
last-modified: Thu, 03 Nov 2022 15:13:40 GMT
etag: "6363daa4-60e0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/runtime.js
91.218.65.6200 OK 1.1 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/runtime.js
IP 91.218.65.6:0
File type ASCII text, with very long lines (1451), with no line terminators
Hash 218c32542382c7408b7a0fba80ed6075
a1f315c8c8c753bfbea3700c3b9bbb335e26ef41
90337a0c8a0a1dfa33bfb91c2c810fc13176834b9e48c97f6f4056420f26ff61
GET /icsics/SCI/runtime.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:39 GMT
etag: W/"6363daa3-5ab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3049
Cache-Control: max-age=136596
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 04:15:28 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 12:41:09 GMT
expires: Sun, 06 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5863
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.126.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zn0rCSz2bba2cCJmKuz6cA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QfifmEfJE320KrN/55OP6jVzS/0=
8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
142.250.74.70200 OK 279 B URL HTTP/2 8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567), with no line terminators
Hash 129cfbac6483c422c1542e050d9db92b
a4951b9f6d4e765fe7c234d267c865dc1d2fb6c0
0dc9ea0d0d91c5534783d6c5f18a7784b9d744e3c1e21bd3a88a2791818c5347
GET /activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore? HTTP/1.1
Host: 8602056.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 279
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 14:33:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=445173334&gjid=1186271629&cid=1036002706.1667744329&tid=UA-63549881-7&_gid=3313181.1667744329&_r=1>m=2wg9i1PVW329&z=1427844950
142.250.74.174302 Found 416 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=445173334&gjid=1186271629&cid=1036002706.1667744329&tid=UA-63549881-7&_gid=3313181.1667744329&_r=1>m=2wg9i1PVW329&z=1427844950
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ebb549b8d35ce1e16222fabbdd086721
76e6450a4b120d32057c7fc3f395226e500c4a34
8d1e375b849efa1417bd6203adc59c2abeb8c3db546ab94430226b76850a40a3
GET /r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=445173334&gjid=1186271629&cid=1036002706.1667744329&tid=UA-63549881-7&_gid=3313181.1667744329&_r=1>m=2wg9i1PVW329&z=1427844950 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=1036002706.1667744329&jid=445173334&_gid=3313181.1667744329&gjid=1186271629&_v=j79&z=1427844950
access-control-allow-origin: *
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd18f82baf167da783ce3b21d9a78ac4
abe5076482b388cc799e94baac0212fbcf8ef822
674fbff3d78c948fe9bc962f906ee9458a8aac2e443003ddf3a70420a42dcd09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: max-age=128278
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Etag: "6366fd8a-1d7"
Expires: Tue, 08 Nov 2022 01:56:50 GMT
Last-Modified: Sun, 06 Nov 2022 00:19:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: WT1TiIiKmjAlIh1ZizZN3toXBlB6fY3uqcJA2uXG0tkNJkeCqe7G3sdCeYEJ45vuC0TkFpI7CwNHgscRBo9yTQ==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 2074150462
date: Sun, 06 Nov 2022 14:18:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F?
142.250.74.70200 OK 291 B URL HTTP/2 8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (577), with no line terminators
Hash 18e4514daaf105f0b86238f19230b277
d3924073527623ee19baa4cb1c09233854941a00
47ed33b04cbc5ada21749d4d32e497c40a834f1f0525314e36feafd3abbb068a
GET /activityi;src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F? HTTP/1.1
Host: 8602056.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 291
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 14:33:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUABE~&jid=1097206209&gjid=305489176&cid=1036002706.1667744329&tid=UA-136243982-2&_gid=3313181.1667744329&_r=1>m=2wg9i1MHW4QGN&cg1=consumer&cg2=icscards_nl&cd1=2022-11-06T14%3A18%3A50.75%2B00%3A00&cd3=1667744330076.s3ojxmy&cd4=consumer&cd5=icscards_nl&cd6=FULL_OPT_IN&cd8=FULL_OPT_IN&cd12=1580357904717&cd13=GTM-MHW4QGN%20-%2052&cd2=1036002706.1667744329&z=1567801469
142.250.74.174302 Found 417 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUABE~&jid=1097206209&gjid=305489176&cid=1036002706.1667744329&tid=UA-136243982-2&_gid=3313181.1667744329&_r=1>m=2wg9i1MHW4QGN&cg1=consumer&cg2=icscards_nl&cd1=2022-11-06T14%3A18%3A50.75%2B00%3A00&cd3=1667744330076.s3ojxmy&cd4=consumer&cd5=icscards_nl&cd6=FULL_OPT_IN&cd8=FULL_OPT_IN&cd12=1580357904717&cd13=GTM-MHW4QGN%20-%2052&cd2=1036002706.1667744329&z=1567801469
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8ffb92f898ed2276e26e970d20fcf3b9
ea3610b5e74b7803e75008bc07f2d585ca93de25
95adf14dcb964a4a556192e8d6659269fd0a3ab6beda10ff036a5a923c526274
GET /r/collect?v=1&_v=j79&aip=1&a=1476346360&t=pageview&_s=1&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAUABE~&jid=1097206209&gjid=305489176&cid=1036002706.1667744329&tid=UA-136243982-2&_gid=3313181.1667744329&_r=1>m=2wg9i1MHW4QGN&cg1=consumer&cg2=icscards_nl&cd1=2022-11-06T14%3A18%3A50.75%2B00%3A00&cd3=1667744330076.s3ojxmy&cd4=consumer&cd5=icscards_nl&cd6=FULL_OPT_IN&cd8=FULL_OPT_IN&cd12=1580357904717&cd13=GTM-MHW4QGN%20-%2052&cd2=1036002706.1667744329&z=1567801469 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_gid=3313181.1667744329&gjid=305489176&_v=j79&z=1567801469
access-control-allow-origin: *
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3041
Cache-Control: max-age=136588
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 04:15:20 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 430ce1e23ac30ac8d2e1d85344205050
443f5d5480cec7ba6583498d0fa9acd5ed763cc3
0ce195f1a708da75b22d0f4f40abcfc3a9ac324fb6b04fd8401645fda22b524a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=1036002706.1667744329&jid=445173334&_gid=3313181.1667744329&gjid=1186271629&_v=j79&z=1427844950
64.233.162.154200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=1036002706.1667744329&jid=445173334&_gid=3313181.1667744329&gjid=1186271629&_v=j79&z=1427844950
IP 64.233.162.154:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=1036002706.1667744329&jid=445173334&_gid=3313181.1667744329&gjid=1186271629&_v=j79&z=1427844950 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion_async.js
216.58.207.194200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (1654)
Hash 24445a92ec3d06e4ffc3ee59e78f43ef
a61c814ecde7380e678242ad9afd1f9665c0a51e
86a0020adfe5219406c1de6eecda1ea5553debe0ab0cddc1e925105bd40c8ff7
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Sun, 06 Nov 2022 14:18:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17492700971443886010
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_gid=3313181.1667744329&gjid=305489176&_v=j79&z=1567801469
64.233.162.154302 Found 368 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_gid=3313181.1667744329&gjid=305489176&_v=j79&z=1567801469
IP 64.233.162.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash cd8db0168c92aae68a4f50d6adcd0b72
6a90e9cc2ac2e3009a614101a0a874ab375bf5a6
7fe0215227d3f4ed3e8288d87bc0263c274b18ae5be2c15a44c99a559a6c2b3c
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_gid=3313181.1667744329&gjid=305489176&_v=j79&z=1567801469 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F
142.250.74.34200 OK 294 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (576), with no line terminators
Hash 8dea591431c84021b36e4c53fe2da990
6e7fa0789f730211c74beabcd2614fe93d5fe9a6
ea67c487d19216f200539e7d76f7728cdd133b495b42100be4bb4007625c88a2
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=9101445758821;gtm=2wg9i1;auiddc=1930346111.1667744330;u1=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F;u2=icscards_nl;u3=1;u4=undefined;u8=consumer;u10=pageview;~oref=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8602056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744330239&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744330238.1516747748&it=1667744330207&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744330239&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744330238.1516747748&it=1667744330207&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744330239&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744330238.1516747748&it=1667744330207&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 14:18:52 GMT
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
142.250.74.34200 OK 280 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566), with no line terminators
Hash c421c4f1ba15b7070c2b2b076b1157c1
0e483628815ce32b4a1ef3c0635096f271353ee1
31c6acbe626aa7bd8b2a5f6be3d611db552df7deb622ef3ef5f33a3503f733b3
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8602056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash b82d4dc411e05b18ff9e08b17f189a11
361781e2a33effc1fe3be222616b79e7edf76e0c
4e89cd9847ada63d8bf26c748540580aebf563295589134b4895352cf85b713e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec2dadc5c45cbc63373d6bf3b5402322
47782ebec63dcc6115e5d4b80bbc85b61231eb2e
6fcc527773eb6929a689fac8a50ce577465e462072ec9f0eaa9f4de9b5d2fa20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=136773
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Etag: "63673591-1d7"
Expires: Tue, 08 Nov 2022 04:18:25 GMT
Last-Modified: Sun, 06 Nov 2022 04:18:25 GMT
Server: nginx
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
185.195.93.72302 Moved Temporarily 0 B URL HTTP/1.0 icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP 185.195.93.72:0
ASN #42649 Baffin Bay Networks AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: icscards.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 302 Moved Temporarily
Location: https://www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
Connection: Keep-Alive
Content-Length: 0
Set-Cookie: _tpc_persistance_cookie=!BoGoFZHyFvyzkyi8EOda6AVGp4P79WDrIY330t8ZVIUjLTpLmdD5axlSIKaKuEm7H2GiixmeYEAZxPo=; path=/; Httponly; Secure
BBN01c5658b=0135ab579a7c3f46ef1f6ffe91793e030d5cf66f8e1baa88f38a017aabc2c573f144007609e885e9d7fbaef1cfe120cc411e637ae2a586d3ca530727531c255c7b6f588509; Path=/; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469&slf_rd=1&random=4148677718
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 4a774101f2e2afadafe84744fc6e8af8
46cf597b2d52de3bf2985226e62a952ed06fc22a
1883d9a11404c3a56dff05dbeab7fb203237fa6b57cfba27bc1305c76584d502
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120448
Date: Sun, 06 Nov 2022 14:18:52 GMT
Etag: "6366de7a-1d7"
Expires: Mon, 07 Nov 2022 23:46:20 GMT
Last-Modified: Sat, 05 Nov 2022 22:06:50 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2g-fV0TydyAnigX68FWMXl12BSlJrXjhMSbfICR4YQfaPpA3wluE9Q==
Age: 5970
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dwin1.com/8574.js
143.204.55.32200 OK 11 kB IP 143.204.55.32:0
Hash 9b38db173e5b131abddc62ff118f0a15
4e27230a212edc9279b8b992f4ccc030aad9bbc7
8f80a311399d9edeaf9c0a7a0bb15e261eba3f1eb79d9b09c8f3ec6c59dfbf36
GET /8574.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Nov 2022 12:47:15 GMT
x-amz-version-id: C._I17GWd6lMj.O.Ci8vBRSs9M9hlBgj
server: AmazonS3
content-encoding: gzip
date: Sun, 06 Nov 2022 14:10:30 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"b2e7cfecbb7127ef2a52d147101fa989"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uMfYqy_ewCFs97-dAzZDJrlzyt2NNvu9S8dGyDE0O5NkwrimWqQruw==
age: 503
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
expires: Sun, 06 Nov 2022 14:18:52 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
185.195.93.72200 5.5 kB URL HTTP/1.1 www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP 185.195.93.72:0
ASN #42649 Baffin Bay Networks AB
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63
GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
content-length: 5528
content-type: image/png;charset=UTF-8
date: Sun, 06 Nov 2022 14:18:52 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 14:18:52 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d0o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!+hb5N3Zzj6sXwZG8EOda6AVGp4P79YQGmcL8UqcV9CVw2QuPTZiePhLzhvw1ASK1h8AmPEh97WP+M/o=; path=/; Httponly; Secure
BBN01677320=0135ab579a337c2f0c2a0fce7874c9fd60383c13d5249ba94bce01e260aacbcfb597809f78dd043150a01c303f8812780bcda13287c18e929fc17ee3d57539d8294a805103; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469&slf_rd=1&random=4148677718
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469&slf_rd=1&random=4148677718
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-136243982-2&cid=1036002706.1667744329&jid=1097206209&_v=j79&z=1567801469&slf_rd=1&random=4148677718 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:18:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.usabilla.com/a1d53d1e874a.js?lv=1
52.215.83.17200 OK 13 kB URL HTTP/2 w.usabilla.com/a1d53d1e874a.js?lv=1
IP 52.215.83.17:0
File type ASCII text, with very long lines (12521)
Hash fe3eda77ff08db9261731fbfaa31c4b9
29f7b0da3a1b4da578ef692bedbca0aefe61f159
d1604e15bed3bc6b5d6b42fb088b4d6afec36da446ffee408e31642c342adf1a
GET /a1d53d1e874a.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:18:52 GMT
content-type: text/javascript
content-length: 13143
cache-control: public,max-age=0
content-encoding: gzip
etag: "a689436660801ecec0f4f1e7aceb50f4"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:18:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
54.230.245.25200 OK 1.8 kB URL HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
IP 54.230.245.25:0
File type PNG image data, 80 x 260, 8-bit colormap, non-interlaced\012- data
Hash 7ef629548db47bacfbb18b3383223f61
c92146d1f74c6f79b3bf2c5bfe01ac69392bd998
62aa47ada132a4fb2551ef3ab9b39a28fc285e187905d744c8ec52ed83007ef8
GET /themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1809
Connection: keep-alive
Date: Mon, 10 Jan 2022 07:30:24 GMT
Last-Modified: Tue, 13 Mar 2018 16:10:27 GMT
ETag: "7ef629548db47bacfbb18b3383223f61"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: uUADb9XCpewO7QYDlgT5DnwG20pU0rFi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B2N3O0mGD6j679CcBh5dyjagSnS4INB2Q8pArK2CL_y4VtUhPLrLJg==
Age: 25944509
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9288
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9288
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9288
Expires: Sun, 06 Nov 2022 16:53:41 GMT
Date: Sun, 06 Nov 2022 14:18:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 57693
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 39239
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 18439
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 59673
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 58196
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 57855
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/analytics.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/analytics.js
IP 91.218.65.6:0
GET /icsics/SCI/analytics.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:15 GMT
etag: W/"6363da8b-adb6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/modernizr.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/modernizr.js
IP 91.218.65.6:0
GET /icsics/SCI/modernizr.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:28 GMT
etag: W/"6363da98-5f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/a
91.218.65.6404 Not Found 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/a
IP 91.218.65.6:0
GET /icsics/SCI/a HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 14:36:41 GMT
etag: W/"328-5ec91e2b8da3a"
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main_002.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main_002.js
IP 91.218.65.6:0
GET /icsics/SCI/main_002.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:37 GMT
etag: W/"6363daa1-254a40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
IP 91.218.65.6:0
GET /icsics/SCI/main-ics.css HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 15:13:26 GMT
etag: W/"6363da96-3b0c7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/conversion_async.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/conversion_async.js
IP 91.218.65.6:0
GET /icsics/SCI/conversion_async.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:17 GMT
etag: W/"6363da8d-5f4d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/SunOT-Regular.ttf
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/SunOT-Regular.ttf
IP 91.218.65.6:0
Analyzer Verdict Alert fortinet Phishing
GET /icsics/SCI/SunOT-Regular.ttf HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/SCI/styles.css
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k; _ga=GA1.4.1036002706.1667744329; _gid=GA1.4.3313181.1667744329; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: font/ttf
content-length: 86304
last-modified: Thu, 03 Nov 2022 15:13:42 GMT
etag: "6363daa6-15120"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/polyfills.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/polyfills.js
IP 91.218.65.6:0
GET /icsics/SCI/polyfills.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:38 GMT
etag: W/"6363daa2-1aa67"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/styles.css
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/styles.css
IP 91.218.65.6:0
GET /icsics/SCI/styles.css HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 15:13:41 GMT
etag: W/"6363daa5-7226b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/gtm_002.js
91.218.65.6200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/gtm_002.js
IP 91.218.65.6:0
GET /icsics/SCI/gtm_002.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:22 GMT
etag: W/"6363da92-21ab3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js
91.218.65.6404 Not Found 0 B URL HTTP/2 21931-4380.s3.webspace.re/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js
IP 91.218.65.6:0
Analyzer Verdict Alert fortinet Phishing
GET /webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=tvot4ebqfkab05olrfjrs4r40k; _ga=GA1.4.1036002706.1667744329; _gid=GA1.4.3313181.1667744329; _gat_UA-63549881-7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 06 Nov 2022 14:18:51 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 14:36:41 GMT
etag: W/"328-5ec91e2b8da3a"
content-encoding: br
X-Firefox-Spdy: h2