r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16694
Expires: Sun, 06 Nov 2022 18:58:44 GMT
Date: Sun, 06 Nov 2022 14:20:30 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: max-age=165546
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:30 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:19:36 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sun, 06 Nov 2022 16:58:09 GMT
Date: Sun, 06 Nov 2022 14:20:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8igobRsGN+FfwDCYeT2i33WTCfU0k9RlybjX97FA2ANhLPRgx5wQPOrQNOwALhTIhh8VkIZSRnc=
x-amz-request-id: PHBXFP1C9BMYX8E9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 13:47:39 GMT
age: 1971
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 147
Cache-Control: max-age=154127
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:31 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 09:09:18 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 82af89be5b34cf6882b2fac0233a8b32
9ad0b138f55f77306cec05b01889cba614de5023
209d636b085aa94408e2db229698de4cd3c98fc14eb49789deaa48d14ed0ea63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209D636B085AA94408E2DB229698DE4CD3C98FC14EB49789DEAA48D14ED0EA63"
Last-Modified: Sun, 06 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21464
Expires: Sun, 06 Nov 2022 20:18:15 GMT
Date: Sun, 06 Nov 2022 14:20:31 GMT
Connection: keep-alive
21931-4380.s3.webspace.re/icsics
301 Moved Permanently 325 B URL HTTP/2 21931-4380.s3.webspace.re/icsics
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 71533f088db8f974b0d6ef0ea489af87
3b08c8707d894371da5921a8940dd3fa0d537716
246888df2c9acf2865f8eba303b9aaac6880c86a9cec137c39a9013ffc14abac
Analyzer Verdict Alert fortinet Phishing
GET /icsics HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/html; charset=iso-8859-1
content-length: 325
location: https://21931-4380.s3.webspace.re/icsics/
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/
200 OK 16 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19360)
Hash d10f066c6c6361e2f0bb6818ba281e76
6d2da89cf22a29dc9bcd00439e6575610948705f
ff39b33af90ebf4fe8ea2861b1f8941574ec59496eb76986298ab7642aa6cd24
Analyzer Verdict Alert openphish International Card Services B.V
GET /icsics/ HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/html; charset=UTF-8
content-length: 16174
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.32, PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/plx.check.js
200 OK 209 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/plx.check.js
IP
Hash 65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929
GET /icsics/SCI/plx.check.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:30 GMT
etag: "195-5ec9266619b8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/proxyid.js
200 OK 170 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/proxyid.js
IP
File type ASCII text, with no line terminators
Hash df12345b39e09a10716a3d123eed0456
0eaa13a8a6acb765c1ef90b80827244ae1ec2453
c64bd5b1de5bb032bb18fe298f50ab7678848b765b9a81b250444f8506e95f10
GET /icsics/SCI/proxyid.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
content-length: 170
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:38 GMT
etag: "a4-5ec9266e1a98e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/js
200 OK 111 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/js
IP
File type ASCII text, with very long lines (1571)
Size 111 kB (110845 bytes)
Hash a6de53e4b3f6fda18ee2a9883ada2f2f
4c403c12f363f02a46db9bbafa72d527011e1777
358c3a6c47b288112cef0f6d932d8b7ce82ef30da914bd9bb25611d033a22d22
GET /icsics/SCI/js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/octet-stream
content-length: 110845
last-modified: Thu, 03 Nov 2022 15:13:23 GMT
etag: "6363da93-1b0fd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/extra-veilig-inloggen.png
200 OK 2.6 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/extra-veilig-inloggen.png
IP
File type PNG image data, 193 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash d92d46789bd26332413f749c9049025f
bd82a9f760c742e15c609555753f25b7cb24b0a0
23b6fb0108b94d2d81693c51c160e6be5d60855078f0a042a13334e81b79dec9
GET /icsics/SCI/extra-veilig-inloggen.png HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: image/png
content-length: 2604
last-modified: Thu, 03 Nov 2022 15:13:20 GMT
etag: "6363da90-a2c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/zero.png
200 OK 68 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/zero.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /icsics/SCI/zero.png HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Thu, 03 Nov 2022 15:13:42 GMT
etag: "44-5ec92671db8e9"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
21931-4380.s3.webspace.re/icsics/SCI/a
404 Not Found 842 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0e13ed8e360b5f1cec49b3da57d99d8c
f2715ba7af4235eb049d85cdb78d52da3f19c819
fc01f709de5362c05fd6920bbf9a9cab7072e8c7675289791ffe34a0c35515d5
GET /icsics/SCI/a HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg; _ga=GA1.4.508175199.1667744430; _gid=GA1.4.611974328.1667744430; _gat_UA-63549881-7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 14:36:41 GMT
etag: W/"328-5ec91e2b8da3a"
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
200 OK 121 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP
File type Unicode text, UTF-8 text, with very long lines (65321)
Size 121 kB (120826 bytes)
Hash 00451a91dbb3bf83582195874814daaa
47eeb3d051431a1a33eeb3981dce572b9033dfbd
52ca89e62098c318e1a26297644aa7b4a7327dbf4bc0718b0011e047ab4a844f
GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:20:31 GMT
expires: Sun, 06 Nov 2022 14:20:31 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 120826
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main.js
200 OK 89 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main.js
IP
File type ASCII text, with very long lines (32099)
Hash 0de792eb854544a3dd86e43efd412531
4fdb02c19588b3073fb9c0fa0ccafaf5966b1f03
4be034fdfd10651210e7758e09d672a08b7cc6529247602aa8331bdfc3c9f67d
GET /icsics/SCI/main.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:28 GMT
etag: W/"6363da98-2e4c2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/8574.js
200 OK 19 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/8574.js
IP
File type ASCII text, with very long lines (16427)
Hash 5de391cea40280397aca5825c5433380
f0dad6274a7d564b16efe7124c2a366060e311fd
6166ac4a63a8426d9e5de2234767f8f74311739e3eb64ba62a2a7e1c6262bf51
GET /icsics/SCI/8574.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:15 GMT
etag: W/"6363da8b-402c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main_002.js
200 OK 532 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main_002.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 532 kB (531980 bytes)
Hash 9de6dd0799e672ca4410b9346d44e5ea
250062a0848e22d7cdeec0f318cee877db5bc0ef
eee234d611cc8bb0fe87225ef161d2ceb251dbe08a0f76ce262c0f8bde6105ac
GET /icsics/SCI/main_002.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:37 GMT
etag: W/"6363daa1-254a40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/a
404 Not Found 87 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a808e2e2c8e4b13d00af1a52c525875f
82cbaafa21ab6ebb228370d79cbea2d7733bcc8a
bde1471ba7eeeeca302c103d7cdc04901473af9f40a58efd7a440106a433829e
GET /icsics/SCI/a HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 14:36:41 GMT
etag: W/"328-5ec91e2b8da3a"
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
21931-4380.s3.webspace.re/icsics/SCI/sunot-bold-webfont.woff2
200 OK 25 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/sunot-bold-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24800, version 4.66\012- data
Hash 819f042f2484072228ad1cb32902ffd8
22955f1851a789580b5c6136886ff2ceea0726ac
265235296a58d38174ac7198a96e108c4e9c7ceceb0ccb700d352c8b99a7c99d
GET /icsics/SCI/sunot-bold-webfont.woff2 HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg; _ga=GA1.4.508175199.1667744430; _gid=GA1.4.611974328.1667744430; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:32 GMT
content-type: font/woff2
content-length: 24800
last-modified: Thu, 03 Nov 2022 15:13:40 GMT
etag: "6363daa4-60e0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/collectddna.js
200 OK 7.5 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/collectddna.js
IP
File type ASCII text, with very long lines (2697), with no line terminators
Hash 1ce76e3f1b0769cc31f50a173fb4b5ca
b8743b945bce29ec66601444d398abc7d439c81a
905cd58131b75bc9ba2444116c30ec1cd340a4cf4b1cc91589f0d25610106b3f
GET /icsics/SCI/collectddna.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:16 GMT
etag: W/"6363da8c-a89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: max-age=139745
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 05:09:37 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 12:41:09 GMT
expires: Sun, 06 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5963
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd18f82baf167da783ce3b21d9a78ac4
abe5076482b388cc799e94baac0212fbcf8ef822
674fbff3d78c948fe9bc962f906ee9458a8aac2e443003ddf3a70420a42dcd09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4356
Cache-Control: max-age=126686
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Etag: "6366fd8a-1d7"
Expires: Tue, 08 Nov 2022 01:31:58 GMT
Last-Modified: Sun, 06 Nov 2022 00:19:22 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: WT1TiIiKmjAlIh1ZizZN3toXBlB6fY3uqcJA2uXG0tkNJkeCqe7G3sdCeYEJ45vuC0TkFpI7CwNHgscRBo9yTQ==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Sun, 06 Nov 2022 14:20:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
200 OK 279 B URL HTTP/2 8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567), with no line terminators
Hash 129cfbac6483c422c1542e050d9db92b
a4951b9f6d4e765fe7c234d267c865dc1d2fb6c0
0dc9ea0d0d91c5534783d6c5f18a7784b9d744e3c1e21bd3a88a2791818c5347
GET /activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore? HTTP/1.1
Host: 8602056.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:20:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 279
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 14:35:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ec2dadc5c45cbc63373d6bf3b5402322
47782ebec63dcc6115e5d4b80bbc85b61231eb2e
6fcc527773eb6929a689fac8a50ce577465e462072ec9f0eaa9f4de9b5d2fa20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2659
Cache-Control: max-age=139331
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Etag: "63673591-1d7"
Expires: Tue, 08 Nov 2022 05:02:43 GMT
Last-Modified: Sun, 06 Nov 2022 04:18:25 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: max-age=139745
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 05:09:37 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
21931-4380.s3.webspace.re/icsics/SCI/gtm.js
200 OK 42 kB URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/gtm.js
IP
File type ASCII text, with very long lines (1538)
Hash 4eeaa8850c0d0467ec96200dbda2923f
e055b2fe55e4f7523625d4f0917c9a9b2b1d1967
dd18a6b5932fca97d789c3e8238592a1465438f79d3e5564d16c8f9c577bee64
GET /icsics/SCI/gtm.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:21 GMT
etag: W/"6363da91-1d455"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/modernizr.js
200 OK 705 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/modernizr.js
IP
File type ASCII text, with very long lines (1428)
Hash 8323745a910bf5ac4d42590c3c55399e
b92e807da98e9b5176ebdf054395cec728fc24a4
5fc3130905e02f6dccd2be9e61123413d9203f4d2222716a9095cd27ee2e9949
GET /icsics/SCI/modernizr.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:28 GMT
etag: W/"6363da98-5f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=508175199.1667744430&jid=1907440378&_gid=611974328.1667744430&gjid=1502396168&_v=j79&z=560939652
200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=508175199.1667744430&jid=1907440378&_gid=611974328.1667744430&gjid=1502396168&_v=j79&z=560939652
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=508175199.1667744430&jid=1907440378&_gid=611974328.1667744430&gjid=1502396168&_v=j79&z=560939652 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 14:20:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744430429&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744430428.2093111654&it=1667744430386&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744430429&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744430428.2093111654&it=1667744430386&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2F21931-4380.s3.webspace.re%2Ficsics%2F&rl=&if=false&ts=1667744430429&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22timeOnSiteCurrentSession%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1667744430428.2093111654&it=1667744430386&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 14:20:32 GMT
X-Firefox-Spdy: h2
www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
200 5.5 kB URL HTTP/1.1 www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
ASN #42649 Baffin Bay Networks AB
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63
GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21931-4380.s3.webspace.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
content-length: 5528
content-type: image/png;charset=UTF-8
date: Sun, 06 Nov 2022 14:20:31 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 14:20:32 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d1o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!hVt+S762T5WVkoW8EOda6AVGp4P79TGRkZOCPVF5jy8hIoy8hkHI1XHHF0JQ50DJqg2CePUiVXJW7Gs=; path=/; Httponly; Secure
BBN01677320=0135ab579a19a8436d43978b04e764aad74956146797946678432a076517c2252ffc46971ba7b06ea8152fbeb759e6c9f05aebb9290236191802f554969f657f5ce7bdd737; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br
adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
200 OK 280 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566), with no line terminators
Hash c421c4f1ba15b7070c2b2b076b1157c1
0e483628815ce32b4a1ef3c0635096f271353ee1
31c6acbe626aa7bd8b2a5f6be3d611db552df7deb622ef3ef5f33a3503f733b3
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8602056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:20:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:20:32 GMT
expires: Sun, 06 Nov 2022 14:20:32 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4a774101f2e2afadafe84744fc6e8af8
46cf597b2d52de3bf2985226e62a952ed06fc22a
1883d9a11404c3a56dff05dbeab7fb203237fa6b57cfba27bc1305c76584d502
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119722
Date: Sun, 06 Nov 2022 14:20:32 GMT
Etag: "6366de7a-1d7"
Expires: Mon, 07 Nov 2022 23:35:54 GMT
Last-Modified: Sat, 05 Nov 2022 22:06:50 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BMA6Itco1x8mjvszWehPePKOdwtfqzwCJyKLvgVggweqfgvNbSchXA==
Age: 5344
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.usabilla.com/a1d53d1e874a.js?lv=1
200 OK 13 kB URL HTTP/2 w.usabilla.com/a1d53d1e874a.js?lv=1
IP
File type ASCII text, with very long lines (12521)
Hash 12b20a7deee1863776cb6674b02bf90c
12fe991af99729195fb2266c305dd3400de3aa69
4e36e7685df2abda65786e8059e52bae4339cce3371f1ce27d69dcb31171f7c4
GET /a1d53d1e874a.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:20:32 GMT
content-type: text/javascript
content-length: 13145
cache-control: public,max-age=0
content-encoding: gzip
etag: "a689436660801ecec0f4f1e7aceb50f4"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:20:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:20:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:20:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 18538
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 59772
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 57792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 39338
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 58295
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d394a65-12f0-45e6-af37-57a983997faa.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d394a65-12f0-45e6-af37-57a983997faa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 886f94a2b6bfa041d40943e14fee4a18
deba663d6b38f0c151032b2d5b5b5d54f7dd78b0
620c1c5ae68bbbddf31b43bf51161b06d1a3da6b6872643637c057f05cceec6b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d394a65-12f0-45e6-af37-57a983997faa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9787
x-amzn-requestid: fbeabde7-9e76-468d-b945-a3ee931e5f74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabbHUPoAMFg_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-1c372f9206e5923d360e9ed6;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KF8Kw_R3RPDzYaBUCDBBaipWLSvXcY_G72FF0ruDQczPPuhk-R94Bg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:59:18 GMT
age: 58874
etag: "deba663d6b38f0c151032b2d5b5b5d54f7dd78b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
200 OK 1.8 kB URL HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
IP
File type PNG image data, 80 x 260, 8-bit colormap, non-interlaced\012- data
Hash 7ef629548db47bacfbb18b3383223f61
c92146d1f74c6f79b3bf2c5bfe01ac69392bd998
62aa47ada132a4fb2551ef3ab9b39a28fc285e187905d744c8ec52ed83007ef8
GET /themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1809
Connection: keep-alive
Date: Mon, 10 Jan 2022 07:30:24 GMT
Last-Modified: Tue, 13 Mar 2018 16:10:27 GMT
ETag: "7ef629548db47bacfbb18b3383223f61"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: uUADb9XCpewO7QYDlgT5DnwG20pU0rFi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L8CjIx7qyQRhosEtVzchG_hVt5e4Bry1VBlhdCqBnIoYHZBZEFcqJg==
Age: 25944609
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 57961
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/styles.css
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/styles.css
IP
GET /icsics/SCI/styles.css HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 15:13:41 GMT
etag: W/"6363daa5-7226b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/analytics.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/analytics.js
IP
GET /icsics/SCI/analytics.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:15 GMT
etag: W/"6363da8b-adb6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/runtime.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/runtime.js
IP
GET /icsics/SCI/runtime.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:39 GMT
etag: W/"6363daa3-5ab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/arcotfpcollect.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/arcotfpcollect.js
IP
GET /icsics/SCI/arcotfpcollect.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:16 GMT
etag: W/"6363da8c-8355"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/main-ics.css
IP
GET /icsics/SCI/main-ics.css HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 15:13:26 GMT
etag: W/"6363da96-3b0c7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/conversion_async.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/conversion_async.js
IP
GET /icsics/SCI/conversion_async.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:17 GMT
etag: W/"6363da8d-5f4d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/gtm_002.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/gtm_002.js
IP
GET /icsics/SCI/gtm_002.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:22 GMT
etag: W/"6363da92-21ab3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/fbevents.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/fbevents.js
IP
GET /icsics/SCI/fbevents.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:21 GMT
etag: W/"6363da91-1e5e9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
tinyurl.com/8v9ezs7t
301 Moved Permanently 0 B IP
Analyzer Verdict Alert openphish International Card Services B.V
fortinet Phishing
GET /8v9ezs7t HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: text/html; charset=UTF-8
location: https://21931-4380.s3.webspace.re/icsics
x-powered-by: PHP/8.1.8
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765e78632d1eb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/jquery-1.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/jquery-1.js
IP
GET /icsics/SCI/jquery-1.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:23 GMT
etag: W/"6363da93-17c52"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
21931-4380.s3.webspace.re/icsics/SCI/polyfills.js
200 OK 0 B URL HTTP/2 21931-4380.s3.webspace.re/icsics/SCI/polyfills.js
IP
GET /icsics/SCI/polyfills.js HTTP/1.1
Host: 21931-4380.s3.webspace.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21931-4380.s3.webspace.re/icsics/
Cookie: PHPSESSID=dvia8vhuuotmeqhvcma4l4skqg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:20:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 15:13:38 GMT
etag: W/"6363daa2-1aa67"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
172.67.1.225
23.36.77.32
91.218.65.6
31.13.72.12
93.184.220.29
54.77.60.185
104.20.139.65