r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3587
Expires: Fri, 25 Nov 2022 13:16:52 GMT
Date: Fri, 25 Nov 2022 12:17:05 GMT
Connection: keep-alive
rtff.nl/
50.87.170.207301 Moved Permanently 224 B IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6e6a2c2f03774b4c7250f613c284d5f4
b246ba1e812971a1d803180a8870853eceb8d305
97dc337cc1ab86a734f1c60bf85aeb2a5ff223bac4c7c25d39145731a80a7029
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 12:17:05 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 224
Location: https://rtff.nl/
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6247
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:05 GMT
Last-Modified: Fri, 25 Nov 2022 10:32:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3579
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5445
Expires: Fri, 25 Nov 2022 13:47:50 GMT
Date: Fri, 25 Nov 2022 12:17:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: larp3dxMV6MzEiRKlZ4eHNw3BHMI44a+svBhZJPogZgP1atigAHq6/Cxr/CFyRKdkRLbA92b5iY=
x-amz-request-id: 36XJTH7YFCFD5TYP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:43:49 GMT
age: 1996
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:17:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87289a93fbd6cf71b8c5b01fadf7f0ec
2df327fa43e249b94c8c51a5176a117a999796c8
b581de12d3ca471f0e6fa9d29fa93de87f1d82b0017e3846c7b492b272698a2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B581DE12D3CA471F0E6FA9D29FA93DE87F1D82B0017E3846C7B492B272698A2B"
Last-Modified: Wed, 23 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 18:17:05 GMT
Date: Fri, 25 Nov 2022 12:17:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 12:11:11 GMT
cache-control: public,max-age=3600
age: 354
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:05 GMT
Last-Modified: Fri, 25 Nov 2022 11:44:41 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MD8ZJiNotx6HIKRBIdDKgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aWyaCHY/+HOlBmVKaSp56ZAQDFk=
rtff.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3
50.87.170.207200 OK 3.0 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2985
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/css/classic-themes.min.css?ver=1
50.87.170.207200 OK 189 B URL HTTP/2 rtff.nl/wp-includes/css/classic-themes.min.css?ver=1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:45:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 189
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/oek3jfu.css?ver=1.1.3
23.36.76.122200 OK 2.1 kB URL HTTP/2 use.typekit.net/oek3jfu.css?ver=1.1.3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 05f98e57c8bf69811b2a45b11487ce62
16e3522d985248f21bfd428c603e646dd662de0f
ec9d8863407c4efeff3817cca31303db5caf45c51cba7cc748915093a89db954
GET /oek3jfu.css?ver=1.1.3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 2057
date: Fri, 25 Nov 2022 12:17:06 GMT
X-Firefox-Spdy: h2
use.typekit.net/oek3jfu.css?ver=1.0.0
23.36.76.122200 OK 2.1 kB URL HTTP/2 use.typekit.net/oek3jfu.css?ver=1.0.0
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 05f98e57c8bf69811b2a45b11487ce62
16e3522d985248f21bfd428c603e646dd662de0f
ec9d8863407c4efeff3817cca31303db5caf45c51cba7cc748915093a89db954
GET /oek3jfu.css?ver=1.0.0 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 2057
date: Fri, 25 Nov 2022 12:17:06 GMT
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7
50.87.170.207200 OK 4.5 kB URL HTTP/2 rtff.nl/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21597)
Hash 7f01d3c2dd8fdc231241f6a3b10def8c
76646b14e9ce97d384b9adb20c622f09c7ecd140
999c4a983cd4b5a1a7652aa436630a18c1a6dbf91de090c903ab507b07df536a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 19:12:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4487
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/fancybox.min.css?ver=6.1.1
50.87.170.207200 OK 4.1 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/fancybox.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12795), with no line terminators
Hash cf0785cf0ed0e61ff719545fa3895446
41d23fc8b5755e0d9d72a174d0cfaf781df5f2b3
159db16a04f99391f3a89816a0b7955f3accf86fafb9c0c07dcdebe222a41c5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/fancybox.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4130
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=oek3jfu&ht=tk&f=27897.27906.27923.27989.27992.27998.28000.28016.28022.28024.28028.28037.28053.28056.27899.28031.28038.27901.27995.28002.28003.27914.27929.27938.27940.27941.27947.27962.27968.27977.27996.28020.28029.28048.28054&a=9106962&app=typekit&e=css
23.36.76.122200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=oek3jfu&ht=tk&f=27897.27906.27923.27989.27992.27998.28000.28016.28022.28024.28028.28037.28053.28056.27899.28031.28038.27901.27995.28002.28003.27914.27929.27938.27940.27941.27947.27962.27968.27977.27996.28020.28029.28048.28054&a=9106962&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=oek3jfu&ht=tk&f=27897.27906.27923.27989.27992.27998.28000.28016.28022.28024.28028.28037.28053.28056.27899.28031.28038.27901.27995.28002.28003.27914.27929.27938.27940.27941.27947.27962.27968.27977.27996.28020.28029.28048.28054&a=9106962&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Fri, 25 Nov 2022 12:17:06 GMT
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-woocommerce.min.css?ver=6.1.1
50.87.170.207200 OK 8.0 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-woocommerce.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38270), with no line terminators
Hash 2423e05c8ab06c787964eca47c44e3b8
a8aca0b56e9efbc9c1ff07fdb6f786cfb869c417
73308008a468287a4c93ca8a6090dad8a4785febf6e5db602ad6c11eb8197c23
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/gt-woocommerce.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8041
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.4
50.87.170.207200 OK 3.1 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17809), with no line terminators
Hash 97f3e7860b3e0d99f3c0327b0045363a
885af5049143e765b7fd0f3a0a860613b05d12d1
ff05d291dd422f8bee80e816eb1480c67fb3e0d6071bebd8f04c86de87a70080
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3086
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBf9cjaICj3aW_MIDlUivzkogghDavdEjg&libraries=places&ver=6.1.1
142.250.74.74200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBf9cjaICj3aW_MIDlUivzkogghDavdEjg&libraries=places&ver=6.1.1
IP 142.250.74.74:0
File type ASCII text, with very long lines (2464)
Hash d4bae339b395d501a1979910ec5869f6
86363420d2aa4974d3e142cad5d8e3f53bc5e2fe
ac0fed317756eb64cba47b3671a9ab35332e4c1354578c3680236867bdd53e46
GET /maps/api/js?v=3&key=AIzaSyBf9cjaICj3aW_MIDlUivzkogghDavdEjg&libraries=places&ver=6.1.1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 25 Nov 2022 12:17:06 GMT
expires: Fri, 25 Nov 2022 12:47:06 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55540
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.4
50.87.170.207200 OK 13 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash ebad0134e03078f66fa63f2a89d17d81
bccc743a9a5d015e06c7f622b4687142b2cd2fe5
42e7dbb97a0b72fa2bc44035d713982a7ff653cb63c0a7ef09e1fd4fe69c4d14
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13255
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/swiper.min.css?ver=6.1.1
50.87.170.207200 OK 4.8 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/swiper.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13411), with CRLF line terminators
Hash af2c04715c11693ed7b1edb815afc64b
61c29d4b1457ff7e88461369206c2c43fe93d934
9fcb02889369fd2a7c864e0690dc6f98ed55c9d5d731aad3262b6d9c0f682967
GET /wp-content/themes/noxe/includes/assets/css/swiper.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4787
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/simplebar.min.css?ver=6.1.1
50.87.170.207200 OK 898 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/simplebar.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2904), with CRLF line terminators
Hash af461de56be5e493ae76cdc1383a9607
5c5866add552dc473c7ea00f593e84e7839e41e3
08f7249ebc409b8d0228242edcd1784a629230d08cb585ef82063617f68646be
GET /wp-content/themes/noxe/includes/assets/css/simplebar.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 898
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/selectize.min.css?ver=6.1.1
50.87.170.207200 OK 2.1 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/selectize.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6911), with no line terminators
Hash 5787c0d60ca225cbc68cfe4b27e818f1
41559b72a9a6f57391936c806c4f4a65763b057c
cbae06c75ee507020240e5a078fba43890d8c43072b86fd6f50200a808a8f4bd
GET /wp-content/themes/noxe/includes/assets/css/selectize.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2062
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/
50.87.170.207200 OK 31 kB IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0c5cd356bf8a311f55cce0f58369e040
d562c11bb206d1de82ba3f97fa773d532cfea571
4950c1d4e779264e2f023ad8cdcdd7f90418a9f8ef70b9373a8b5182412ebec4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:05 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/", <https://rtff.nl/wp-json/wp/v2/pages/601>; rel="alternate"; type="application/json", <https://rtff.nl/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: true
x-proxy-cache: EXPIRED
set-cookie: pll_language=nl; expires=Sat, 25-Nov-2023 12:17:06 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/justifiedGallery.min.css?ver=6.1.1
50.87.170.207200 OK 779 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/justifiedGallery.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d53c9cd5dbb988f65454f3f43614bd37
95e460bbd2fadd480c7858c7b60e09a0706ee0d6
1aad53c54d12fc82a228214816c1103f987d221fb8cdd557f5931e867705715b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/justifiedGallery.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 779
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-favorite-system.min.js?ver=6.1.1
50.87.170.207200 OK 506 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-favorite-system.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1459), with no line terminators
Hash 6354b75e6b940ef3deb9d59168ffdba9
abeea8ad477cc96822d7d4d8f970853eb5357d06
695c5080ff3dd09b7df0d4208ce08d1d2d749a8bffe2afb52e41dc4dea13d88b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/gt-favorite-system.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 506
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
50.87.170.207200 OK 1.1 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1093
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/counterup.min.js?ver=6.1.1
50.87.170.207200 OK 889 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/counterup.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2181), with CRLF line terminators
Hash 797133e7d7b3f494c12008655733bc9e
d1263f2e7d76c2a5187d0c09bf29e28153a660ab
e739c0f6ac391399a7d1ae2a6ba9b09567ade0c7dcf510c9e8a32a79b62c50e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/counterup.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 889
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
50.87.170.207200 OK 372 B URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0507d06596355ea2efd09bb9c5b0e46c
9ae0e8f7847222b09264ada703c182fd89011126
fefb5c10a704ffcb6c905a785ec2af387ff7169dbe548fa4784cc5782797d4c2
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 372
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
50.87.170.207200 OK 1.0 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1000
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.10
50.87.170.207200 OK 2.5 kB URL HTTP/2 rtff.nl/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.10
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6021), with no line terminators
Hash 551e7026086fdcb28d300175aa8c7693
24eceb9f59705dfeb90fe92cb59c1dd370de56ff
1562188078829f3f5d710b46ec8ad9cd17b895d1f7b598c5906fa4d26fc15e3c
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.10 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:53:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2462
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
50.87.170.207200 OK 4.0 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9115)
Hash 30e4855ccd2fde73cd01838d073b8d4b
aa39e03ffb6e39bf82b6a04d72e3f7cf7509f778
cbcfd79d48b4735b59e17b77cb3930f8a51fcdcb3d4675718a45af6077469636
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3955
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0
50.87.170.207200 OK 4.8 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (51719)
Hash bbb73736be32eb084dfece7d92f79b8b
edfda1062d1abe6f9762c3cfa658586aa363554e
eabef9d2d86c3d7204a06468e84e036e6772af3ed222ab0bebb4a224baf1ede8
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4776
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-social-media.min.css?ver=6.1.1
50.87.170.207200 OK 7.7 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-social-media.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9cc96954367d6bc2dc336dcd919819ae
71973515a64542b4219516eb84d74620fc3fc1f6
cb456926bc7292a24e5c75ecb0761f8085abc4db7fe7775f119bf9cda7c9a1c4
GET /wp-content/themes/noxe/includes/assets/css/gt-social-media.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7687
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/sifter.min.js?ver=6.1.1
50.87.170.207200 OK 3.3 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/sifter.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7370), with CRLF line terminators
Hash 63b9a7383005abf16fd6d666dcb7e9fc
9f8375b8b747fa1da80e643eb5401b55347cc84c
beff9e62de6a2831a8e536def11e89c0066a4a360db3b8a5097cdc3f507b4961
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/sifter.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3341
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.10
50.87.170.207200 OK 3.2 kB URL HTTP/2 rtff.nl/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.10
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8029), with no line terminators
Hash 3869ce537714e83b37c997801651d389
76a99ced82576cbc7c9c671a2d982aafc7c2b3ec
5904864fb36b5d949dd95c46dc7248b9c6205a7859af0cad5b3a99378b7fb98b
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.10 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:53:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3164
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/custom.css?ver=1.0.0
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/custom.css?ver=1.0.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/custom.css?ver=1.0.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
content-length: 0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
50.87.170.207200 OK 1.2 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 267e8958dbad03e5b8e684648aa15aa2
fb81c3ab32d537817004715e011c33f2f7efaa81
8d2937738bf3b55c9ec65b0f2429361d4a2b0679f52ef2b9700192ae20acb03e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1202
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/style.css?ver=6.1.1
50.87.170.207200 OK 455 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/style.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5c99e31dff7c490b27353a5226cdc3b2
903ddcc7d99a4dc9417d5e156a33d33e922de9d0
faba4cb0eabfd436c6ee9d039a73a409e0756855b111e1198c11061bb7f465e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/style.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 455
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-watchlist-system.min.js?ver=6.1.1
50.87.170.207200 OK 508 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-watchlist-system.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1491), with no line terminators
Hash 8f27d18da624f2c224cb43341209f0a2
b36158bf654f07b8fef75aef0edb77afc52c8ca7
d12c8a7738590cce77074823071e21dcbdd1b0efa3c5c68acd0cb9887f0aefe4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/gt-watchlist-system.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 508
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
50.87.170.207200 OK 792 B URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 792
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.170.207200 OK 4.6 kB URL HTTP/2 rtff.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/microplugin.min.js?ver=6.1.1
50.87.170.207200 OK 671 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/microplugin.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1247), with CRLF line terminators
Hash 24faf1344af1aa8525a9c953699f103b
aaebb6315b6863813b5bf0663debc236efce0cd2
0a9af3f8e52a8f2f2efe507498dc54e3b5f172a2bdd3b77be023f609379da41c
GET /wp-content/themes/noxe/includes/assets/js/microplugin.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 671
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-timeline.min.js?ver=6.1.1
50.87.170.207200 OK 1.8 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-timeline.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4811), with no line terminators
Hash 74f8b7d1f223bc152aeb19c368464e30
218b2b81169a9e7b2b425aa58a24e1efa83c70e3
102fb06cdbbd5fda22df5cbd49e46f719528d469ab599a036049e949cf2ab0da
GET /wp-content/themes/noxe/includes/assets/js/gt-timeline.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1770
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/js/imagesloaded.min.js?ver=4.1.4
50.87.170.207200 OK 2.1 kB URL HTTP/2 rtff.nl/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2103
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-script.min.js?ver=6.1.1
50.87.170.207200 OK 1.9 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-script.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5318), with no line terminators
Hash 851035689ed392ea8649a291a73d01d3
f2fd150b3333e71e0337699788414e17d267cefa
ed1ac74c19c884d3c3b6009702909e1a2b844feb9d78ecb00793e0f608e67298
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/gt-script.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1888
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
50.87.170.207200 OK 5.3 kB URL HTTP/2 rtff.nl/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/waypoints.min.js?ver=6.1.1
50.87.170.207200 OK 3.2 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/waypoints.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8863), with CRLF line terminators
Hash 6a8279042b7d712510fff0388915366d
223032dc933b23b7abd852729afff2927ac4dca4
ea806d1a3f056d855a6b55b5300563cfee0c8b5f8dfdcb06caf11ba392c30439
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/waypoints.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3225
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/what-input.js?ver=6.1.1
50.87.170.207200 OK 4.7 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/what-input.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6ab4a661996a1db22332cbd67c31eba8
cf830b26e0fcd49252b60b958e758edd94f45858
9465af7e52eb395aebcdc58fa1388e18a0aad34d64a78604992023e738a85b29
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/what-input.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4678
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/justifiedGallery.min.js?ver=6.1.1
50.87.170.207200 OK 6.4 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/justifiedGallery.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18351), with CRLF line terminators
Hash 98fba7dda8670467f12643d2f1c980fa
bdcfd11814b5ac18446ef67c9f21bc636b972b32
d21749ec1434cfa81e0aa6ec330f2b47d2223777c0ba124a8ea49b5e5700010d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/justifiedGallery.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6360
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
50.87.170.207200 OK 8.3 kB URL HTTP/2 rtff.nl/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:45:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8344
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 12:17:07 GMT
Connection: keep-alive
rtff.nl/wp-content/themes/noxe/includes/assets/js/selectize.min.js?ver=6.1.1
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/selectize.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash 5ea5d3886593f5b1db8b4957841e652c
01ddbd2a584162c9b04496b0f59a4fbccff8aa19
333bf9414b8721d7979db5fcee71e15bf621018f6eaea3ef10d236d379f4dfff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/selectize.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16175
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-user-box.min.js?ver=6.1.1
50.87.170.207200 OK 272 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-user-box.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (614), with no line terminators
Hash 4b2663b4bf56a626f8220e49c948006b
1eaa0064c80e655e2363571097e17d13163713c7
2536eb8cf7baf7767158230364a51cae36137a3f2525df0c2f4ec39ceb6de883
GET /wp-content/themes/noxe/includes/assets/js/gt-user-box.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 272
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 12:17:07 GMT
Connection: keep-alive
rtff.nl/wp-includes/js/comment-reply.min.js?ver=6.1.1
50.87.170.207200 OK 1.5 kB URL HTTP/2 rtff.nl/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2946)
Hash 92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 08:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1477
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 12:17:07 GMT
Connection: keep-alive
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-google-maps-infobox.min.js?ver=6.1.1
50.87.170.207200 OK 2.9 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-google-maps-infobox.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8882), with no line terminators
Hash 43162ca66cc9e94ffb2c227544d3852e
72d05b16103340bedaeabebcddc15bde17b74adf
e8dbc66fcff4f7251bb7ed06527a80106fde408b691d884594595c0d98991c9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/gt-google-maps-infobox.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2924
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/instantclick.min.js?ver=6.1.1
50.87.170.207200 OK 2.9 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/instantclick.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5800), with no line terminators
Hash d2671ae6e34f7c1e18b5375325490583
e284ac06bf09a250815595facfb978155f9a3306
9d820659e521ce9c9facbbf651699c4d20f1850faa910f3b165c5593d7a5d514
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/instantclick.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2861
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-google-maps.min.js?ver=6.1.1
50.87.170.207200 OK 3.5 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/gt-google-maps.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17801), with no line terminators
Hash 9f71570b28d90274daa7b825ca8d6a13
729729c57dbd44e337f9ffebd66a75d5d6e1492b
734a0c173a81e06090c3b8f730d82d48192858805e35a4b11324087f7ca3fe4f
GET /wp-content/themes/noxe/includes/assets/js/gt-google-maps.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3540
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0
50.87.170.207200 OK 3.3 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash 5e64f5fd6495dfc1fc6e4e09633ce3c6
f25ab01843b551a17392b49e62de0ee55b3b42b2
9a1fa9a504e2329245fe415f0ac5642579a9a745c854f6e9a1ff6cd01f5b604a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3306
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 51742
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
50.87.170.207200 OK 7.2 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20096)
Hash 0d6847600aac71ee1e060272e8795d90
efcad83a912cd1d9fc5ccb901169769ad268e378
8c105b6acc26cfa2d4cf910c10044bd1e39fec92333adc9fc43681ede25ce103
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7183
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 12:17:07 GMT
Connection: keep-alive
rtff.nl/wp-content/uploads/2022/07/picc-150x150.jpeg
50.87.170.207200 OK 5.1 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/07/picc-150x150.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 8a2cafc14d5ca870148339c6ade2c48d
fd6612fedb31d13defee982e068646c7835d14dc
d2fbb30b5c153af4cc2a93695b8357bef2e6cdd6ea901edd6128987478cbb7f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/picc-150x150.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-type: image/jpeg
content-length: 5106
last-modified: Tue, 26 Jul 2022 17:51:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Calligraffitti%3Aregular&ver=6.9.0
142.250.74.10200 OK 4.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Calligraffitti%3Aregular&ver=6.9.0
IP 142.250.74.10:0
Hash f6fddedab4a3a048739f0aa8cf4ec535
27e974b3d0c13cb6bca1690674f3816cac649220
43f41636787a8d79aa643b1edfccac1d7510a799bfb322f507aa42d795398323
GET /css?family=Calligraffitti%3Aregular&ver=6.9.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 12:17:06 GMT
date: Fri, 25 Nov 2022 12:17:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 12:17:07 GMT
Connection: keep-alive
rtff.nl/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
50.87.170.207200 OK 14 kB URL HTTP/2 rtff.nl/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36548)
Hash fd78079b5bb7ba132ca4ff2b9a1d7a01
685463955947d5c2bd18ed2fa84bccb2e42eb381
0889031ef8e7431839189876b3f1ce668972c05db3fbc5b63f0d067d520f1bb8
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:45:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13813
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/07/logo3_without-back-288x300.png
50.87.170.207200 OK 30 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/07/logo3_without-back-288x300.png
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 288 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 55c52fb9b21ff4bbd514ca387aebfecb
257986684abc2d263a3bba7a910a526a0e4111ad
b15b217a1a4d5d7c2ab1c774d1894e07746ce46511072ae50ec34938fd1fefd7
GET /wp-content/uploads/2022/07/logo3_without-back-288x300.png HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 16:52:05 GMT
accept-ranges: bytes
content-length: 30027
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:00:34 GMT
age: 51393
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/07/logo3_without-back.png
50.87.170.207200 OK 76 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/07/logo3_without-back.png
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 490 x 510, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f5b65bb570c56f98e8c39835eabf4ad
dde7985d4520671025e0a69d423c3b58707c3dee
0fb9ed6ccae1891d68657a1588918fabf34f039a06e4a1287ecde383df33cd64
GET /wp-content/uploads/2022/07/logo3_without-back.png HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 16:52:05 GMT
accept-ranges: bytes
content-length: 76036
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Arizonia%3Aregular&ver=6.9.0
142.250.74.10200 OK 8.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Arizonia%3Aregular&ver=6.9.0
IP 142.250.74.10:0
Hash 604fb720a84bf792c5d5af04711f3518
5aafbd7777b89a85124ee64e1ca8c6b1b0f1ad3e
cac5647a806e2d5c4ea282756991ea06162ca88fa14b91bb939615a70b144b54
GET /css?family=Arizonia%3Aregular&ver=6.9.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 12:17:06 GMT
date: Fri, 25 Nov 2022 12:17:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 51748
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.typekit.net/af/ed2089/00000000000000003b9ad9e8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n6&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/ed2089/00000000000000003b9ad9e8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 12848, version 1.0\012- data
Hash 6327cfd00a85792754cbbab12a4f1599
188353c6b1034ded707d6bb542a99d2c5a9c5dc0
ec062780ab5a1ab0c8d9f2adee89684786f0be13ce017232a0932c2a5686da7a
GET /af/ed2089/00000000000000003b9ad9e8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 12848
etag: "aa28f6850869607c236cd169f2bda147bcce6564"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:07 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/26af32/00000000000000003b9ada10/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n4&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/26af32/00000000000000003b9ada10/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 13228, version 1.0\012- data
Hash 5d0355bc080c11a06e22e27b1e452048
96873fc9bd8db57238b82d8149c43db1de673c2e
386dd0620ecb4c59dad74faaa45cb7fb710c311062676a6164f76223a0e476ae
GET /af/26af32/00000000000000003b9ada10/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 13228
etag: "7896f5fc706091dcf6239c70f0f27f75eaeb5046"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:07 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/e3be10/00000000000000003b9ad973/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n5&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/e3be10/00000000000000003b9ad973/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n5&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 13088, version 1.0\012- data
Hash 92bcf03c5f78f50e740b2e95675d1fed
faf0c7a55451dc849bdeaf0da39ef7ee49d1b8b0
265b9fcf435cfdc7ecf88a108d541e50fb8b33831e1a68c2cf28e7004c5a4e9e
GET /af/e3be10/00000000000000003b9ad973/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 13088
etag: "a9a20b261232abd293b70783bf4af3da9ea00970"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:07 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/747436/00000000000000003b9ad9d0/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n7&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/747436/00000000000000003b9ad9d0/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 12796, version 1.0\012- data
Hash 8b002d5b4d8d1e66c2fda4ddf71003eb
4fa1cf19dc000d85b3b6e73d9878a2aedb20bd1f
3e18dcfbac33ddb3a5081ad6a68d8691aa1b8a25f5d44087fa278443732c140f
GET /af/747436/00000000000000003b9ad9d0/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 12796
etag: "1e85d1f854aa89211249577ba77bafdfc95928e5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:07 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/854e12/00000000000000003b9ad9d8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n3&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/854e12/00000000000000003b9ad9d8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 13020, version 1.0\012- data
Hash ad060ee3fe58b98e30a7a3de49ca278e
cdf79653db41c606e1e062e11015a5fc613850d3
73ecd7bb0d71e9e125e533b18f6e91dfc4b2a3c566e3a0703abd6083ed29b523
GET /af/854e12/00000000000000003b9ad9d8/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 13020
etag: "29c48a7c4516faad4a3c377b4158dd8863d64604"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:07 GMT
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.4
50.87.170.207200 OK 1.3 kB URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.4
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7043), with no line terminators
Hash 23030da399d26bb36e2effda3c58d488
2480e4b14c65a29b6013515cea8a55a6646aa85a
026d41f0bbec9c4116e05c06d43d3bbae4e9ec0975f84140565760431eaa88d7
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.4 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1294
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/tweenmax.min.js?ver=6.1.1
50.87.170.207200 OK 51 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/tweenmax.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7db5c87bd7432ae59559adb0148c0815
525a387a9dd9f50a648909013e4c42d82ec183c1
f13607f849bed8885417b2210e3a32604a0f5525b8e202286b963c2e94c2c05a
GET /wp-content/themes/noxe/includes/assets/js/tweenmax.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtff.nl/wp-content/themes/noxe/includes/assets/js/swiper.min.js?ver=6.1.1
50.87.170.207200 OK 47 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/swiper.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 44344c00d3e7cd0cffc0d5c623833c47
5246307b1c5bb1925c0c7a5c227182d694852946
b3482b4ef3d2a02cd2da4426cd5a60687c296c9f498e251ee4f25540376d3e89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/swiper.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29868, version 1.0\012- data
Hash 8b26cc331e323dda95ea6d0dcf4d7542
1f6b0e5440044f6aa75b1f73d2f9c63a2f75bba9
2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec
GET /s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 07:10:56 GMT
expires: Thu, 23 Nov 2023 07:10:56 GMT
cache-control: public, max-age=31536000
age: 191171
last-modified: Tue, 19 Apr 2022 19:09:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
fonts.gstatic.com/s/arizonia/v19/neIIzCemt4A5qa7mv5WBFqw.woff2
216.58.207.195200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/arizonia/v19/neIIzCemt4A5qa7mv5WBFqw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31680, version 1.0\012- data
Hash 04dc2f067de38a3e51fa2e6b5e2f576d
e0eebe8e93aca04b1c6adadd5351e59da8aa25e5
4d99cf069da9edb529bd4172551f70e539b15f5490091dcd77513e93e34b3d54
GET /s/arizonia/v19/neIIzCemt4A5qa7mv5WBFqw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 21:14:28 GMT
expires: Sun, 19 Nov 2023 21:14:28 GMT
cache-control: public, max-age=31536000
age: 486159
last-modified: Thu, 21 Apr 2022 16:39:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/main-page-head.jpg
50.87.170.207200 OK 223 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/main-page-head.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 840x360, components 3\012- data
Size 223 kB (223436 bytes)
Hash 484984150635706e1f1bcd698d27dd7f
a4a55c9c1ddf547eda6883c49941e08ff73c0afc
8f2d06e08b4fedffa9d13fa081770c3436e83af0cb0e16e0762841fcd7208b76
GET /wp-content/uploads/2022/09/main-page-head.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 17:10:20 GMT
accept-ranges: bytes
content-length: 223436
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/07/back1.jpg?id=4693
50.87.170.207200 OK 1.4 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/07/back1.jpg?id=4693
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 26x600, components 3\012- data
Hash 808958a3e7f682249b54a55d3e56a040
377851a9d26f5636bbee9ccb07cee9a706347c57
ba4c1c1e8dc9106bd749ec990b50b9fa9db5f9a9fc650f33a48253388f513795
GET /wp-content/uploads/2022/07/back1.jpg?id=4693 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Jul 2022 18:06:26 GMT
accept-ranges: bytes
content-length: 1370
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/07/now-bg.jpg?id=4622
50.87.170.207200 OK 294 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/07/now-bg.jpg?id=4622
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, baseline, precision 8, 1920x867, components 3\012- data
Size 294 kB (294515 bytes)
Hash 2a4fa5b81d46791d56688d74b9047ae8
2df13f1a05c0d76a3563afc2feea995d79e1b337
25a0e6319e23bdc2b790260f1606543bbc42ecb9c2ed3051bc5cbde008ec681f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/now-bg.jpg?id=4622 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Jul 2022 14:07:22 GMT
accept-ranges: bytes
content-length: 294515
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtff.nl/wp-content/themes/noxe/includes/assets/webfonts/fa-brands-400.woff2
50.87.170.207200 OK 106 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/webfonts/fa-brands-400.woff2
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 105536, version 769.768\012- data
Size 106 kB (105536 bytes)
Hash cd2b4095e9ce66cde642c3502a4022d9
a280ecdddd14695fad22599301ab03adfe5224c0
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rtff.nl/wp-content/themes/noxe/includes/assets/css/fontawesome.min.css?ver=6.1.1
Cookie: pll_language=nl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
content-length: 105536
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff2
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/webfonts/fa-solid-900.woff2
50.87.170.207200 OK 154 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/webfonts/fa-solid-900.woff2
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 154228, version 769.768\012- data
Size 154 kB (154228 bytes)
Hash 55b416a8df21f9f987aa352f10d1343b
2717f3f58271f2f2e6120d9937c7227002656d34
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rtff.nl/wp-content/themes/noxe/includes/assets/css/fontawesome.min.css?ver=6.1.1
Cookie: pll_language=nl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
content-length: 154228
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff2
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/omar-7.jpg
50.87.170.207200 OK 158 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/omar-7.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 420x600, components 3\012- data
Size 158 kB (157802 bytes)
Hash 7fc5024fb558d18da17e5b3043bb061f
8e02733f9c27bf85d055de29eb8c511c96baa617
8b21134d5907158fc032141e8e447ecc849cf396c846f61892fd5681f70fbd36
GET /wp-content/uploads/2022/09/omar-7.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Oct 2022 18:37:55 GMT
accept-ranges: bytes
content-length: 157802
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/2989778-1.jpg-r_1280_720-f_jpg-q_x-xxyxx-1.jpg
50.87.170.207200 OK 65 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/2989778-1.jpg-r_1280_720-f_jpg-q_x-xxyxx-1.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 504x720, components 3\012- data
Hash 72b4f76030fa4aa73ecf3597ec27bee6
a733f0acaad3d5ef17303452283bf5887393e5fe
ed1c1407b77a01f0d4cb8bce206e15a2c813c6c28031c97b4adb0da7870abb7e
GET /wp-content/uploads/2022/09/2989778-1.jpg-r_1280_720-f_jpg-q_x-xxyxx-1.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:10:38 GMT
accept-ranges: bytes
content-length: 64938
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/fontawesome.min.css?ver=6.1.1
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/fontawesome.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9b3c30b18de3434ef5ca724e767f128a
641f0102aafb538c968077a4dd2823f73e1a6483
1b5c76e2f76fe396c68aa0a9ef69f79a2d596dca5972a0343249219475b6649b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/fontawesome.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/4977282-600x885.jpeg
50.87.170.207200 OK 72 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/4977282-600x885.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x885, components 3\012- data
Hash 0587dec8d9c581a2896a975c874414eb
118edf9b387f631bff3548bdfb4f8c31b1f3733f
59a3e8dfdf20b176e06dd82078138dd43bf394d45c7fdf2b6adefdbe832af53d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/4977282-600x885.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-type: image/jpeg
content-length: 72530
last-modified: Fri, 16 Sep 2022 08:30:56 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/AF_TR_POSTER_M-717x1024-1-600x885.jpeg
50.87.170.207200 OK 128 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/AF_TR_POSTER_M-717x1024-1-600x885.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type gzip compressed data, from Unix\012- data
Size 128 kB (127865 bytes)
Hash 4db4868e19ae519166b6a533be399d6c
10ce052dfb1af1e98bccc621b8abdecb22ae1497
4ec2478da5bb78db8610c0d54ffebc6433bb3012c02c93fd57504c76f5f56b98
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/AF_TR_POSTER_M-717x1024-1-600x885.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-type: image/jpeg
content-length: 61419
last-modified: Fri, 16 Sep 2022 09:19:38 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/BAGLILIK-HASAN-600x885.jpeg
50.87.170.207200 OK 101 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/BAGLILIK-HASAN-600x885.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x885, components 3\012- data
Size 101 kB (101048 bytes)
Hash 858a77097a186822fff127cac52e0b35
06f355cb606e05b693cd8c8161b1bd6097ced8a9
83c3d1d3a601a4fcc83eaa4a1d9e164bd0791c9fed479205da9cd990de8a40c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/BAGLILIK-HASAN-600x885.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-type: image/jpeg
content-length: 101048
last-modified: Fri, 16 Sep 2022 08:39:48 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/SADAN-600x885.jpeg
50.87.170.207200 OK 65 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/SADAN-600x885.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x885, components 3\012- data
Hash 11e05b8877ff34606843798cc0363de9
f411b01e7c0b186f589b115d693620dafd7b5b16
dadf370566b77d06a64e55970ff769a627381a82f14d38d7a16ed3ff4d7a86ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/SADAN-600x885.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
content-type: image/jpeg
content-length: 65167
last-modified: Thu, 08 Sep 2022 08:44:38 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/top-line2.jpg?id=8212
50.87.170.207404 Not Found 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/top-line2.jpg?id=8212
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 98ec05d721c2be3edc43dfaf50125007
0bfc73e66c304b6e4cbac5338488858ef6dfae3d
319c38e04b83753a777219d42079eef20f5284ea23f645feeea3cf99f8c03f1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/top-line2.jpg?id=8212 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16521
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 25 Nov 2022 12:17:08 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://rtff.nl
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo.gloriathemes.com/noxe/demo/wp-content/uploads/2020/01/off-canvas-background.jpg
104.21.62.247200 OK 51 kB URL HTTP/2 demo.gloriathemes.com/noxe/demo/wp-content/uploads/2020/01/off-canvas-background.jpg
IP 104.21.62.247:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1810x1200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7dce84e863d2a237b34866aa2302cbe6
712d63376fdfc4edbd8aa5f419a2d277348e37ad
13bbde48ecec0b270ba9a2bf4f46c2a5678070a545f584d3836378a39674eb85
GET /noxe/demo/wp-content/uploads/2020/01/off-canvas-background.jpg HTTP/1.1
Host: demo.gloriathemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:08 GMT
content-type: image/webp
content-length: 50854
cache-control: public, max-age=2592000
expires: max-age=2592000, public
last-modified: Fri, 26 Feb 2021 00:53:15 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uflrrLDYyolMtjMuRu6hDRqDgGY4Azv78p9Rt8C8UZl95aVbCazG0vcAu9ciSweQ8E94XYj1nwMFHZZ6iufcVE%2FmzYoT77E2s2LyNY8GAXg5rixW2wRvV7zQF6sq6nHije4Hrs4PnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fa51c7ecd6b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 065b4d897673d47248830beebdd079ba
27aaf0ceddedd3d47b5528e6d80afcf6c4645e8e
7d9fe8337eb3131f0642372176370b56ed156c85aced0d32fbb97c608dff8d8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:08 GMT
Last-Modified: Fri, 25 Nov 2022 11:55:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
rtff.nl/wp-content/uploads/2022/09/cropped-icon-192x192.jpg
50.87.170.207200 OK 6.9 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/cropped-icon-192x192.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Hash e0cec0c527decc5addde176ee99ecf95
ff9c88e8185bf8f01bf88c8ee3208e1f2c3bf27f
9c8870447176a5955cb679cc2112a13ac7882a1f1904840ff677d26d91745f72
GET /wp-content/uploads/2022/09/cropped-icon-192x192.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 19:24:07 GMT
accept-ranges: bytes
content-length: 6895
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:08 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/09/cropped-icon-32x32.jpg
50.87.170.207200 OK 1.8 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/09/cropped-icon-32x32.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Hash eff9e5058239eaf45b4c11c6a0121e8f
a8b57f32485487f30b3e0ba4f5dded7ed203d957
71236fd5e6f32bae4892582c541b7c5034f38dd222bc532fe13c205df4aeb652
GET /wp-content/uploads/2022/09/cropped-icon-32x32.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 19:24:07 GMT
accept-ranges: bytes
content-length: 1834
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:08 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/?wc-ajax=get_refreshed_fragments
50.87.170.207200 OK 197 B URL HTTP/2 rtff.nl/?wc-ajax=get_refreshed_fragments
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (430), with no line terminators
Hash 6b1f7a97537e57855d14f90c9aee9167
2ef1d26dfb7f1addb2b4d589eae6b983726c8598
80b5dbbdb9082a209cb668e2016a02f3757ae8a1eb06c3ce6bb9ddffe44360e0
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://rtff.nl
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 197
content-type: application/json; charset=UTF-8
date: Fri, 25 Nov 2022 12:17:08 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/du-home
50.87.170.207301 Moved Permanently 0 B IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /du-home HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: pll_language=nl
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 12:17:09 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
x-redirect-by: Polylang
location: https://rtff.nl/du-home/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp13-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp13-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 274c332590ec9c9a97f2cc2246a47865
051e9964a04bf7a855807db7bbb51b37e96c447b
2c3866aa3f756cb8e1512e02aa1954e00f94c63fa2d0f6c18e4a302b11bcd98c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp13-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19237
last-modified: Sun, 09 Oct 2022 13:17:08 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp0-300x300.jpeg
50.87.170.207200 OK 11 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp0-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7f1119fdd62c93aeb859d60286235032
a3423fcdf34587c1014b540c2094974b8f023278
8903b8642912a238cb74bde02c5f75efe9617f7576a244841b54e25663da7c4e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp0-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 10631
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp11-300x300.jpeg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp11-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 257e6ac6cc8b5a2689afaf1ac2f4bd64
3088d6568f550e633c953fbe11c2f16673bef5e3
ebc2c94f11efb28171750b61f9dc9f13586ef4c12562d8df09f7271f8a05a942
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp11-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 16433
last-modified: Sun, 09 Oct 2022 13:17:08 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp9-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp9-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7c9e48864778d2844e81541bfb15d899
5891dde7cd7d6aca8956e3d11c34da00eb4e0b54
3f56415a686a829aad8f90a1f277e0e68f7401412f3c73ac0d7a39d2080a1b43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp9-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18161
last-modified: Sun, 09 Oct 2022 13:17:08 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp7-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp7-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c9d0e671432111bcff91302a1c9bb5ca
c89968695c607f2025e7e392f9974418e0e83782
95e84d3205573c6c5d44f1c7c0198e7f45305369b3a72172c8ea4e046d8873ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp7-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 20271
last-modified: Sun, 09 Oct 2022 13:17:09 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp8-300x300.jpeg
50.87.170.207200 OK 15 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp8-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4bd068a2bae3a977d43e69fc81cc329e
086730be8177cad0d97ed7c56bc3c4eedadc1fdb
41af89cd7995bb4b3f21d7b2e1207c11c6489c5851d3d9bfac4f7b4edca7a27c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp8-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 15097
last-modified: Sun, 09 Oct 2022 13:17:09 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp1-300x300.jpeg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp1-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a6189b628d9f9378708182e16e21536e
45c0e3cd2ed564447c208b9441cc56099f52fec8
c63310619f65743e2be429ec075575f01a451e78004de4074476e5b26869faea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp1-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17085
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-style.min.css?ver=6.1.1
50.87.170.207200 OK 79 kB URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/gt-style.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a8670cfc5bc6027f19997ae8cc1afa52
d79d8658df0abc13626058f249a9e87e78085bce
011a63466b3bae7f9115d7fd7d0a9e99ffcf7bc8c37e9ec8bdfdb0bbc21e6b2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/gt-style.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp10-300x300.jpeg
50.87.170.207200 OK 9.0 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp10-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash ff52bdf88fc252bdb5bfda0e7a1fb36b
fe25183e809a2e6f733eb6877e3a460d388df783
9e7c944a303e32678ba021346915acbcd5dbd4bc235ff4923a92d955a74c0f48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp10-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 8986
last-modified: Sun, 09 Oct 2022 13:17:08 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1-300x300.jpg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e406605068a0cdfb4b43e85a9b8bd7ad
1aa434c05255a5d634858774ba4773bd7e4f74c6
0b690d9198a39eb182c7c4e94fa00ccf3cce88cd7f5ab92fc83faa25eff63b42
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 25044
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic6-300x300.jpg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic6-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash acb17f52c29234012a1ad3b97d545376
cb506f4c34c18b3d487a145feedb08edf059fc75
0a3ef3e4e7c0b54af90604b350325a21202bff94c66cee8395723cba15338d6b
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic6-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 25841
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 94aad5b5aa254e274e8c5fe6fb42a580
032e6f76dd0bd53c41567470aa4770588be44a1a
393b4514b3068ccef17623301a0521c0054cb83b6fd1d5fbc0796b5b474decff
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 20273
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic14-300x300.jpeg
50.87.170.207200 OK 11 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic14-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash b61f8dff6d2323f4c093af9be5a20a6e
753231496f7738c9e71f1eac15e3fda8b757191b
c1bac3993dcfc158173280bf79acc468956bff98bc7d8f5a7eab939a5e2f46b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic14-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 10950
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic4-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic4-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7717ba2980f881c23b1543db8882912f
44849d70ffce49f78871d9949a3d500f1200f06e
393c3cd08a6970237a8889ddeda5bdf305a63e447c0040a0e5f304b2e4bd7ed0
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic4-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 20947
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2p-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2p-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8b279266fc5974c124bdd4771458ac24
6bbe9813f0d66010ea7c4e89bfcf582d1025313f
2da64fe38142203e40213b3086ebc7fa7646749e914d8bd0c294782a87cba5ed
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic2p-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 22743
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic1-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic1-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f7f1fe3e39af5080805d87e97e1aea86
fa3381f6d630bc67e542daef25abf8a63ace4267
c581954ca60c789f5d01b1ff769d3c7373525078bceff24c132b4ada0f33dddb
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic1-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 20374
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic10-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic10-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash dc84f847d4707671a042e0718aebf728
bdaa83d61705a4bb92ce0c9e1a47448c6b8b233f
ce683c64af23a18e56ba86d0981872ad4dc5193d16e05cd23a1e4e53af8e3085
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic10-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 22269
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic9-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic9-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 98c05c4eadcd2fe234144521849aa1e4
04df42bf33139ba1a8aca761a1fef563ed0b092f
79547abe122a772d1d4b8f7e33db7ddc7485d0263645512645cec5c3896e169c
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic9-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 27036
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic8-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic8-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 531ac4dc492b578c7488ab781efcd939
2ad30edd0ede9a02baeffd8bae344f8ec6be2d3d
b6583d17ab9efaff3cf2605e8f5f20966e356216f1196927ec3470107aa46d00
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic8-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 20516
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic15-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic15-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f712eb3caf8d67ed49cae6e2eb49ee45
e503cdce68836aaca9704afa094702d80e8bb684
936414092168763ea77a449d24c98140015655d5c8c24af5c50e676b738ca2b2
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic15-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 24522
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic21-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic21-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 27d8db02da324ba64819d087a9144561
dda55c70f92c17055c7174dc7d4dc5a932968207
675a91ff99da0d6bd2de3b18e4aba0b43e94c6ac62afe90c84838d37b938b6c1
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic21-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 24056
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic13-300x300.jpg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic13-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 0e41fc155333d7ce1bdc4ec2af7d10c7
24e6822af294482ee481e29a79d000c2b02df61d
10fabafa7eb916624fb2bbd9e59663915141c0373335f8e6c1847e89c2174e51
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic13-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 24761
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic3-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic3-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 28bce04cd759f022dd907fec8df7d503
96c211c3b1a02840c5d6c11c1498f05b4d34e025
17e1121278a1b248b8c5799b7aa2f3ac19b8b84e151644931090fa059d7cc714
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic3-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 18103
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp2-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp2-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 6d795ce3b68ae924602adc2a6c70bff2
c1e60608399a12a61f7674ad284f6f3284fc2df7
52115eadd438ace7b739366d7eaf3526ce15b231c8c810e7a97794f14c8dd741
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp2-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18790
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic18-300x300.jpg
50.87.170.207200 OK 28 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic18-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 871d4e34e5d78a8396266f00aaed1a0e
64471039458ce371c6ccf7fc9155d87567b339e5
66b3e3be0f0378fba88cf0a6dcde966cea014606121504561d44b9b5a714f989
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic18-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 27478
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic12-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic12-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8a68ae6c953662dada3140f5ecdfbaf6
282d5170a39fbfddf94792feccaa3e94ee971154
fe94542b5c9f2dc7665bd2b378ee286afec4768ea6983187fcacfb66ce5eabee
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic12-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 20878
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic17-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic17-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e282f1af76e397682d96de708f945191
75ed4782f0fc6a7a5ea0367bafd5dec994ad43d8
ae8db8eea6cd587c881cd579ecc5f80146be5530ac3fa6204af7d2f426010dc3
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic17-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 26758
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic16-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic16-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 10de851bc808fd55fd252ac1616409db
63bb5d8b249ed55a8b8527e6cd0065cebb33db2d
254e07638b35f3c88e6b24891b267d05173f5b5c22ca9148f90a36a72b003324
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic16-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 23634
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp3-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp3-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7aca49057e65ebcfc97f09df05edee50
499edaf08aaa823bfea42a395ca718f42ace514a
8071104cd95144d2820b26070eb13644b6246c6496bfa0306a8299f8d7d58064
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp3-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18509
last-modified: Sun, 09 Oct 2022 13:17:09 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic6-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic6-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 960804ab66da23ef7b715f3e92bcd1c9
4b949e9031f62b7c5b5758a452dfe593238c10f5
7c24a8ee37699d90a6c8c9f9e4ed9f89907bb3a1f0a32cd334a49659ec5b74ad
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic6-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 20210
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic32-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic32-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 4f46e675b36d75b6da1ebc08a61aa64a
8f6f11e73b6f197c74abe02eb409b7971485258b
c16d9089f76dfa7f59ef164e8a9ba2b259dce142414270cab1fc73758d1556b3
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic32-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:24 GMT
accept-ranges: bytes
content-length: 21864
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic5-300x300.jpg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic5-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash cbcfd51001b2d02f6eefb46341a41ae3
b2441197a233ed04979eda0440b4136e0f73948b
95333015ab0ebf7099e6470d26b52909a282b16a30d8d3544189751cb8bba5b2
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic5-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 16585
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic5-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic5-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 3a85c711d76969cbd73837e37ede5b9b
9cc3d5609b41549217385d9675b4806500110d1d
8992c68984d4ed2d2c0e420bdfbd1d9c8dbf7628569d527d72fc8a11923a2a8f
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic5-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 22148
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic24-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic24-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash ff9c5b7233796737aab93c8e1bf1851b
fb22b92287d87a0835d8565c81fed7d58e629378
bb482ab6539a5d8cb7898ca1ec20f1e1968fb6e8eb1264d4bf71c8670115561c
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic24-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 26598
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic29-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic29-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 38a584998cab307e5a7730deeec402ae
411d36076c3b20152ab538446b92922e1e83b079
7092b4474a91a8f3aa35b544df40d0182168f717130c8cc86099b52513da5050
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic29-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:24 GMT
accept-ranges: bytes
content-length: 22721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp5-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp5-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 125669a47f3b39c9a01db397415fb699
366cdf508152e786e6800cafd9a2e307e7ccea6c
9dcd133fc91fb7738eb69093a71fcf0868a3a9130c658099acb43ae0dfcc8db5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp5-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17698
last-modified: Sun, 09 Oct 2022 13:17:09 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic31-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic31-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 68e6146441de0d5915573ff59a7adfce
24b38288b6f468fa77c483a872847e7cf174e90a
ac59a3bdaad862868f77146ea4a759893e0a0d8384a3def5a1b230f25ff787b1
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic31-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:24 GMT
accept-ranges: bytes
content-length: 22252
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic30-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic30-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 5f44b3411b5ddcc16e0470bcbe05d245
84f1bd905056c4e3adb64d81afd0bf0413e858d7
bb483a2a2d423717fdff4d8d1fc4462bb85b41166eeb9da78095b0df522df395
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic30-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:24 GMT
accept-ranges: bytes
content-length: 22483
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic13-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic13-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 799daf11d3f89fe621aca8e255bbd766
ebd8b1d74e9864538c863aa8e4c38542052c331a
1172b1a12309b88637c81ac15ba592d5af939f287c42e48dc65e5152b165257e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic13-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 20516
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic2-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic2-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash ab4311e8757f1109d77010e3d681f45f
6306b9650f8b27800fcd2f39ded26aa40968cf38
3ff3820952d9ee040aee48d6c76ca44059c302c99f975b493fe9d3288fbf92ec
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic2-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 19981
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic27-300x300.jpg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic27-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash ddef6bcd9a5588aab0d06490252aee40
497ef092b03330ae2fb7bafdda4693f6f25d28a2
ce86b7814a9753be3d789dfc4df7023176d849d9796538cb07f2baa6b002adf3
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic27-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 16381
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic25-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic25-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 1825b15321bf0414cf11994274b220ed
d37eb1b8d14f4596b9ba1d1d08dd0431c1dddd77
e7236cfa57ef693624b90f357cd1475a0d494513d20ba63d5db15db1cbdd9fb2
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic25-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 27254
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic11-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic11-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash cf76d05cd43ece1e6b0db10e76874aa3
9f52fed0690951db3165ab3678e7e8256feb5279
6ac607b7e0887c1fdbc6cbcbb8ff36617e9f818c391d305ae3abfabe3273d7ec
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic11-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 26561
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic18-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic18-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 608d1206b3cb1dc90e8af44f98ec7ab4
6211c0ee269956fb9ce5266b324d12309d2d8834
00dde8cd6819f4e3634fc72b6822f3401a9dbc085abb6f8d8772fba0a9e3062e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic18-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 19520
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic9-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic9-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash fcb0254e37aea154467de8ef13d6d139
59e31718c991e9dc06922e70e653e321c6d884fe
ccf71272540ea4107e445ae937277280b1075817a22d98a8dd314230d453f09a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic9-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 19928
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic11-300x300.jpeg
50.87.170.207200 OK 14 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic11-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 533beaa0ffb22abed0c800ddbdb90431
4be7e6d438296569397a1c93d7e607adbf6c3593
6cc5095d96818d97c88758c66e228a25ff33101c9eaad586d23013dec9117283
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic11-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 13476
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic12-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic12-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e63b71fc63de36b758505df5bcd7610e
0426f8fa34b5015ad22bb99166cdbb7f57396f1a
f2c24aca99e3a037f5649e7bc125c4f5c1352fe09073f7e1a41956aedf33859d
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic12-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 23111
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic15-300x300.jpg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic15-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e457dca41a853282bcf51a14ed2fa4e0
1ee9538aea8ed4b95edfdd239c45b2e2d6e86acc
9161726862e7beebe27133dadc224ddf8b51d407571cd2b51d419d9e7886431a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic15-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 26384
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic14-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic14-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 2717795d8faaa95e62eb70f58add5ce5
4f41300b10c03ac368d469d7a3f18bc25f67d626
ddbd20ddb4baedb289af54f434471de11904e9e0ff07a5703a7e435ffeec80b9
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic14-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 21265
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic11-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic11-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 3b8e39a412a563c8ddf25c4a7e256719
c0571afb91ce58fa610943467b12bdfd33d662b7
2b894700fa857501b72fc904dda56ea95c6f6024ec417a2572c9f8f5cc3a34ea
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic11-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 22668
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic20-300x300.jpg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic20-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 1f1692f3a4aad05fde0cf65f34b1d7d1
1fb21edcbec555c3e88ff65a178f1c775e01ba10
4d24f73b3c961939cb5066073f892bfda70b751c8c72af4f9d68d6df7b87f6fb
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic20-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 25394
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic23-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic23-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 40f774c59025d14ebc2683673876502a
32b012cccf691baba9fa69c4476ccfe8963e6eb4
d9d62ce48f851282ecb221de9752ea0642beac8473997277b3113c1d9ef160f5
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic23-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 24545
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic14-300x300.jpg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic14-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 745a06e7dc3a09dc1244e49696e663c8
786591266cae19226d62f5b96f954ff47545d497
f0693419b0acf709c608a78d9a71f8e4aeb6bf733155a681625ebcacd41f024e
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic14-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 25551
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic7-300x300.jpg
50.87.170.207200 OK 28 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic7-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash bcf416b7ae94c7b80b650ab74b99a7ad
e384683ec001c6267b253b4f205e0c0629cbd0b0
d21b10bb8c187c96647fe76297ca4dc2acaa731f7ddf55da44738a45611a3c43
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic7-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 28524
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1p-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1p-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash d0c0ddd78e3a811cbb94be3dfa53f1f8
6baad0255c6433d2b52025d06a14d33804084313
f904a835c3f8e4958e8a430802eee1696ef0be64bf7c97d87e571a4d568a3359
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic1p-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:22 GMT
accept-ranges: bytes
content-length: 20282
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic28-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic28-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash c66d6810b606f6e3933121b905d27581
ff383bb546f813d52d4df7e3658f21af3677c049
92f2eb5b1ff9db04ac234263b7d59cd0b6d002ad75cc19dabc6fe93871bcd793
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic28-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:24 GMT
accept-ranges: bytes
content-length: 21289
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic22-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic22-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 26f242e3af17655694abd79504b2339a
410dc51b363063c2b2de636bd578976aad6c46a2
03364c4cffffb257ccaffbb6eaba920346f51b93c749d7b8e27e37d39dd79ab0
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic22-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 23769
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
use.typekit.net/af/357d2a/00000000000000003b9ad9d6/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=i4&v=3
23.36.76.122200 OK 13 kB URL HTTP/2 use.typekit.net/af/357d2a/00000000000000003b9ad9d6/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 13172, version 1.0\012- data
Hash 1aebb59001d0c9fb18fced78f34f0a9d
e998bda57bc45260a64350c8ebbeefd7ae2899e6
dbd96c11e0c6f51a850de243da419027ce2c943a76e6b2582441b486f2f2ac76
GET /af/357d2a/00000000000000003b9ad9d6/27/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 13172
etag: "1a16c0abe710d1eac6feafa73156cb736b0d252b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 25 Nov 2022 12:17:12 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arizonia/v19/neIIzCemt4A5qa7mv5WPFqwKUQ.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/arizonia/v19/neIIzCemt4A5qa7mv5WPFqwKUQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24456, version 1.0\012- data
Hash 7d2b8d9ec9bbc445c8511d96eb46206b
336be05af1c72a85cd8c99685a765cebd5cffb53
1eb2f829258e4e1bd2f9a45f3b81459957638e3cb0eb77d93e934898931575a3
GET /s/arizonia/v19/neIIzCemt4A5qa7mv5WPFqwKUQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 23:04:47 GMT
expires: Sun, 19 Nov 2023 23:04:47 GMT
cache-control: public, max-age=31536000
age: 479545
last-modified: Thu, 21 Apr 2022 16:33:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic21-300x300.jpg
50.87.170.207200 OK 472 B URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic21-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic21-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 16121
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic19-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic19-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 29f3f5089843dd58ae4fdb0092795540
eeffc1811efc23ab39c1b9c9563691b6b3d7bca1
a2b87f9641456d273d4c1155082a1b48aa85b508e64d301404efedc986960072
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic19-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 23060
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic8-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic8-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 1058969bfd135216b7705c9adb8b4263
0a8a6d4fac551c79fcc366d399446ca839ee70c7
ea25056646aca78c6a55ef508afb68b9fcf6b6bb592ac962485032703d9b40b9
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic8-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 20467
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic26-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic26-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 26dac9df7adbdebbda69e4701f1c3f02
cfddf20543b98a848357e1d59bfb5aa0b811ce8c
b5f065d517c3e8090182129e0d5bf367f4457287a2b09acf805c764996366164
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic26-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 19349
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic25-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic25-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash fcac33eedf13391825c9e36b6f7eb411
1ad482324981cfeab1331bd6687aba0ac1721209
6c97b68418f23b5971c403376d920a6016c2ef861a6e79a1d04e06f514dd373b
GET /wp-content/uploads/2022/10/07-10-2022-Rotterdam-pic25-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 07:45:23 GMT
accept-ranges: bytes
content-length: 18708
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic7-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic7-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 92a5c59690e7f02ac065ca1dbe5bfe28
2a21f5de763b9476f79ecfeca1cc9038ce8d93aa
72a79f8d73cfeb0e2e455166c961b868b8130bb8c7e23e4e96f28eabf38fcbbf
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic7-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 27379
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic3-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic3-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f025729a117efcf7bc37dfeebcd04a30
a2f699dfef03c50327a1a15a1b70f20a398cb332
56a0fb9bb622bf9be3b2a7a28d7e651f59b9692e7a11d7e2da3cee0cb723b49a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic3-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:53 GMT
accept-ranges: bytes
content-length: 19616
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic8-300x300.jpeg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic8-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 5b57ab73b902a3058cb15ea68baa092f
cdda8e5f319caaf8a3d89573b8705bf8da9a299d
6c9923acaddf0ee45fe17fc5cc70e6fea279bbaeb2462fb229ae45eddc98a43d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic8-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17386
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic10-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic10-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e9f11ffec6f01de7107f133549e917c7
989f93d3775fdd1bfc416fd042a4f61aaa7f194e
111659eb04732b4ba2aebb2f7359fae9e0cbb726802dc8fc2087b67d54702e82
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic10-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 24255
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic10-300x300.jpeg
50.87.170.207200 OK 13 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic10-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 847e9d493294ee61ba961b378d32a70d
5bd65b48ed0615adcd3e65d8dc8a365c3cb950ea
3e4ecf24d6232f45da80c43939fef5ae9c62feb49d7ef905fede90740e7d06e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic10-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 12937
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic15-300x300.jpeg
50.87.170.207200 OK 12 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic15-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash dbfe9eba651ccf940cfa1abfbd353476
96d6070f9af8d81628b308a99a91b5309334c977
430673290acd93892be484dddb53a5766f232ce23fe4604410f074f9a30cc068
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic15-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 12436
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic9-300x300.jpeg
50.87.170.207200 OK 14 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic9-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash de4ce3eda389c4efe2ea1829a127db67
4365f38af2d3fb8244c1ee602eeabba342a25edc
c38adc8f98398bf10c976abea479ee233e246fcc97afef33012dc84783f62469
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic9-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 14133
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic6-300x300.jpeg
50.87.170.207200 OK 13 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic6-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 68191982cbdd56206cb51329b7fa5c1d
1f27b99b7e59181f752cefcb777991f790cb8a4f
587096fd32637ab32c67540ca447c4f652b88bf74851f609745f0f6d926a87e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic6-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 12617
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic12-300x300.jpeg
50.87.170.207200 OK 8.2 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic12-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4b8117bf97b3ec9f4bc80dd60e912eea
ac400e9c7c26baedac3cda839905c06fbf64adae
b1a3d59b74cd996ebb84381a233eceedb9f2b9b8e6a56a412e34fb5f9d47caba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic12-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 8204
last-modified: Sun, 09 Oct 2022 13:17:10 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic7-300x300.jpeg
50.87.170.207200 OK 15 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic7-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash e5ecc466f81551acbfa34c7405ae638e
cebb959f7e1a66c5c0c206c02617b6d114184dc1
d49475a3180cb353a5a2b1c163fe4688920ba366f6c009f82ad6aab01fada007
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic7-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 14895
last-modified: Sun, 09 Oct 2022 13:17:11 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic19-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic19-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 415d5c1a3f69abfd636a0fb0f0003ccb
dd6db4bcd4d1c06ef9aab056573fb0a041f1e103
906a626832c84a00720ca16e5aed20afc7f4506fca06a208c86450e69761611f
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic19-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 22561
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic23-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic23-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 1effd97f4ab40cd3b198894231710961
7db7d79fec4f5a0fcd2491a92d927c55d5d6e816
8784c517a39e1082130aa6c33b31119b29528a814bccc90187ed04673d6dee9c
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic23-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 19029
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic22-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic22-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 4598c436d64d64a46b6dd55812e174be
c0705f2c70a09a4347e5dc44e616cbd10ec3b1b6
afbaed4fdd8e1c1f279f3e47abda52749f6d374dab2cc102d483d98e1346c54d
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic22-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 21248
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic29-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic29-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 755ccd8351dc0d7f4100d7ae6fa3c7f1
0c1fd100bca088bb1a4560d3d6d63d0a32cbd388
1ff654ea5d6038bdda35ec0cef67ff5aa161081814fbe6b67a3a6602c810de9a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic29-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 24214
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic28-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic28-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 712a7284e268c393e9cdf34e5b37a5a6
b0f254142dd044c18cdbed4bb876eb4d04384cf1
8a79fed28f14907554bda9e48edfe2eee164e41ef49f5e0ca06cb9673454e22d
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic28-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 20540
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic13-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic13-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 734d8eb1d29e7f1559783adb1169d8ce
2827cc65145047ef22d1a7486c68fd515da6b3f1
0f065ce8d1ab84a2ed86b4deb7e82c71780d0588a8c9ff67e5a9e05e40cdbfd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic13-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18233
last-modified: Sun, 09 Oct 2022 13:29:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic4-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic4-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash da952d74ab68ae68fe7b94220f3a407e
0ed45ecccc6a0d4e0c90ecc5218585fd8cfccc9e
a2f58e60cec99233da9f10ac13838ad913cde42d7b922f827dba2e409ebfc2cf
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic4-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 17919
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic27-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic27-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 6a6b1b3147ddcb1ef91192943afb0421
bb7def581017e6c99a440d8e3cc1c50caa831c48
d631f4560ad0653301a458b59948e15c4ba0e3d9eb97abafd8b73e7b02c22e3a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic27-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 24381
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic20-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic20-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash b1b5fedff55c0a945d4365dfc283f97f
12f7517407fe6df9dab0b2c17a7e8c83e7481984
32bd6f82789b09bb5d7db3c51e247c706f5087df9e91337d3467d62fe09c1009
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic20-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 23305
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp6-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-picp6-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash dff77ac6f153a492d251836e5edc6992
1a1abf831c030a249a358b96d3b26beeac6fe812
8f39f0965bf147de12fdde30e43be94a434ac57b0fb43e7397445c759f22c171
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-picp6-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18220
last-modified: Sun, 09 Oct 2022 13:17:09 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic2-300x300.jpeg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic2-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a10e20521a903c5e1873609ad11f880e
ea0b7392a5cd1ab300e37cca94a50d8e8f726693
6443fe0fa5849b1ca0b6fd2f141890a414b165bcb9ad7536eea0eb406b1ddbf5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic2-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 24705
last-modified: Sun, 09 Oct 2022 13:17:12 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic3-300x300.jpeg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic3-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash d093ddd061fc80980983505511c33896
db6b6087eab960fd818d9c316ca43a2caf012833
076bc1362d5df1b6a0e486b4dfc456d9e7f419307340a2ebe3a55eac3425247d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic3-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 24767
last-modified: Sun, 09 Oct 2022 13:17:12 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic24-300x300.jpg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic24-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 6024ec6cf9e5d0f746444350bc335905
d010edd9a32d7c6bc10e1416f1bbb6db13e379b5
ae0b9b4b67d92457fc4ccbe374227556d1cd5dac3873fe93b8ed44adbd5f82eb
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic24-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 16621
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic16-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic16-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash d0ed63241484aff4ffe7c9f34d32a973
4994968ddb86069b7c5e40722efa980e71db351e
7730c94a8b71702ef016cd1105c83b820cff14cff814f47c071932f383052cb6
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic16-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 18163
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic17-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic17-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f98cade2f6fbbe890a9e38d50e31d522
de42d109d10760017391dac5e05b8e9dc5539be9
ba36febf23bb9d30ef2211531e5f8bde13ad5448f9d4fcfd342eee994dfb15ba
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic17-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 19700
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic26-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic26-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 4bf1ddf607d3b9511421fe829ebaa5e2
4e71c6094d5ea2527521d1ca8a31957207e7a523
c334b5e1d11ce265ab44ce4577ab2f01de4fad73a6613288a3a0a4cdc3f61a1d
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic26-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 18875
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic4-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic4-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 86493774d9c685b394c0740cdb9066e9
760a71bb807a50f75f3a592c19e3faaecfaa3959
af02cfa64cb1506ae50d2b0738e7e5540854487d34972705e9a2236b0f94d185
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic4-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18479
last-modified: Sun, 09 Oct 2022 13:17:12 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic1-300x300.jpeg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/07-10-2022-deventer-pic1-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 00a9a632419754ca0fe357f2a974b37c
d1330959489db3784bf2b7500d9ba8bf4802d81f
fea97df9f5d1e7227ed81e0926edc339400f49fa9d5e767fc0d072e7e9f8108c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/07-10-2022-deventer-pic1-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 24749
last-modified: Sun, 09 Oct 2022 13:17:12 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/08-10-deventer-300x300.jpeg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/08-10-deventer-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7071a9af5ce7d8e028a4bd35a21f88fd
55a9820b03f04ef5bb578f24399bf5c9992704e4
e66a3584cca60bbde720057eec5ee4a9dfa34badf48219ebf0a973a5ea472095
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/08-10-deventer-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 22038
last-modified: Tue, 11 Oct 2022 14:03:56 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/du-home/
50.87.170.207200 OK 76 kB IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b08ca7277ca956d27e6839181b138c54
8d6bf5f3e621c923b5918a4d6509014baa040da8
dc3939ceab92ec5f9745e9c2e22c72e8f3953f5f5e0703472df922e71b73f8d1
Analyzer Verdict Alert fortinet Phishing
GET /du-home/ HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: pll_language=nl
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:10 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/", <https://rtff.nl/wp-json/wp/v2/pages/8446>; rel="alternate"; type="application/json", <https://rtff.nl/?p=8446>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic42-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic42-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 1040380f2a2a69ab71e926bea9675a88
20c0e705225abecc46d818603a879fa5b6d17a7a
c218fe2203aa7b82377b652e55742439e301e0f3c009455b83a6b7bb4978308a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic42-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 21205
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic35-300x300.jpg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic35-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash aa1bccca0783e6b334b2d46bd697de0e
6d93f8c55662ee795f423bece22018006a81a59b
9b7ee449e6a6605a49f38816cd815d7837d22c5e6e7829cef4db8a21b8f563a7
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic35-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 23762
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic33-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic33-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7d5da5a60f3a401366a5f485e5b16f55
f78f50907be2c0e712b0f2021b449481b15a3a96
85408786340c650dbbbb7ed11191c95b18d9559482647ee6efcd1f0f306e183e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic33-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 22062
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic36-300x300.jpg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic36-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 9a38295750b870f9e0492cff5d6155c4
8ec5a0867c60f7e4b366c7c18a698aee84af7e7d
237a21a8de2917a23b8d205675e616dd9c6ced1580b45d37dabce1d0ed4e6d67
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic36-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 17384
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic39-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic39-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 682a105e5005fd231f5b05416376d0a9
8d30e792f8ff18aa001e4e54572314e98a36bb91
acc8069e12b0befa232a817895b193453f6bdb8f1e3f5f0875a8a6baa325d850
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic39-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 23158
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic34-300x300.jpg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic34-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 64f8cd3d2931f470a33e1feecda89af4
d816c6275d11d24da3f21bc3ad8c49694dc43b68
b8d3a7a82ebfe84c39a4eaecdb252f431ce2320142946ce3c937cb16f8cd2da4
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic34-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 16503
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic32-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic32-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash c1d9cea8f8b9810400539d118c49b13d
ef4e16f3c7f69fc70bb4d2bca11f61801aba4fe4
13072ebb21d942469b23525d91353a8dc10096cc407dc8d838fd61406a69d2c1
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic32-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 17974
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic30-300x300.jpg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic30-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash bcc2e64ab3269bb9b2edf10e56f17bbc
b4de6d750481fd467fd0b28089b73b66d2274700
d7499ad35ffdb4a9260989b3b981cc3675044e39c86bd426b58385779fa77a9e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic30-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 26511
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic31-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic31-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8cd3a5a95ccceca63a13a5cdf635dfd7
db36a06a44305c9f7097c4ca0cd1183a0cd399a4
7953413e1953658201c0e6dd9edb28b9a587a7ba895d05b2b3edfdfcf798f7b4
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic31-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:54 GMT
accept-ranges: bytes
content-length: 21744
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic45-300x300.jpg
50.87.170.207200 OK 14 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic45-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 53c325e418061cb2f2f0f60e6976d0e9
6eb02012a284a0a66a5f4e11d7ec10f082ee1959
72186f5ea66355102c5ce822e3f13f3773e94016f838e5df6f3c5bf5c5c40ea0
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic45-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 13948
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic38-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic38-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 52c34cc70314b49ca4fb6318924cae24
aee3bdb7fb9cd726d793876d3a85eafd17acb0fc
862b554b2ad843e9fa7ab56c122e70e34dcbc6db0f1d11d9baf09621ba5ca926
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic38-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 17542
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic41-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic41-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 80593ca83ab150cb299dbe1574819a17
3142bdae164723c8fdac653506f96ae955f3c3c8
5747a76e13ccd6713a11c7abfa5a6f72430289618a6fd05a04fd8df3007bc90a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic41-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 19885
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic40-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic40-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 33582f048e8d64e1a92947a187692524
93e1e1539b67ec508957e09f89dcb1c3831f1081
b2006154db8086bc7b1ca2605ab3fbead89c6d10f40a9f336d1bbb7607daf226
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic40-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 20820
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic43-300x300.jpg
50.87.170.207200 OK 27 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic43-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 5bc8215252d157f2a6a357fd8fb86523
516ae1ba45571ebb828f00baf57a1e86b22f0e1a
4d6979164d04bfcc9fc1c78e71f7f039fa07f965f0722f5aa3e894e0819dab1a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic43-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 26992
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic44-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic44-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8c09dc38fc7108e03e9042bb19b776ea
cb4d8891968357fb00e6db6830482aea08156815
3eb1528c50a8d98b607141bb11f2ada6760a50c05dc7b2f9811ccdc3d7b8ab3a
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic44-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 18071
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic37-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic37-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e077f4e87f666a1d64ce40e28a30db2e
1463a8947711d0e2d7c02da5a32ccb292d44d3ca
108373b4d43d02b452f2ef610c45a9fefa198cd81008dcc71f10020f324bc392
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic37-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 19008
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic46-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic46-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 35f26c8c80825a193d6e2472f37f19de
a53d9beee8373814912e277dff15071d8ebbe236
886625047e21dadb6c1fdff080157e048771aaaa0806dd277998d5b4422261c9
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic46-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 19503
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic47-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic47-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 3be2785ce97e1d02a8e40181c4023fcc
8d11b47d85d56f53f82e2aa8041534a71f78e9ee
a4c6830fa9a878c54a990c3a12c2bb744f835605ff34ade6ee7be443ac246b18
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic47-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 17552
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic51-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic51-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash aa37f04f22febdb6dcabb1037d2ba938
aba367da7a8cb6f471a2a018a539c651e802f044
5f02987a82ea63a4f80ce9ad9d935a8cd5a51ec51e566b73af531d6a4fe4eb6c
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic51-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 19554
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic50-300x300.jpg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic50-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash d971c5f55a0accac5210c09d1276ebdb
a29876fab4c860692ad20ad3427c2a0b1bb319aa
7aa2653e1d6d4c698ee9317f2f34083c364695a3dc396cb7834418f4aa6928d0
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic50-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 15537
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic48-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic48-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8fb3fdd8f18f60a5253f327d0e926d68
f14efd8f0c3ed8935c55eb3abdfe6db79f949855
c61e6e13019d29b864e4d0a2f48c7ae7e1f8fbcb697d5a581405fd4ee05487c1
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic48-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 18456
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic49-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic49-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 0bd88c74b1669301e633b7d81416a924
8de0fafd09d4cb84cce3e539c75d6af483b370bd
38e5e4e3b7950c7a7c63b9b672512bd95a300f1d0b570fd23f9dc21e8657ba5e
GET /wp-content/uploads/2022/10/09-10-2022-Rotterdam-pic49-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 12:39:55 GMT
accept-ranges: bytes
content-length: 20302
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp19-300x300.jpeg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp19-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9b8e392a0e8cb010d859afefdc10d53f
644b8131d22da902d68bf740c798697e1d169f95
99c1909403c94e4cb4e4d5a0682ab22ba0807db9d1388d9bf7a7285c91e3d6b0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp19-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 22326
last-modified: Mon, 10 Oct 2022 10:36:02 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp12-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp12-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 6b22c837c38511f085e5b1f3ba657c65
3db8e59a69b562044f068795d1903ed626d47f99
10296c6eaf481b4f72310d7c64aeb26c86233b04681a06c97f985855be17ac43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp12-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 20321
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp14-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp14-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 36e5a33f246f737abec4dd404e7fd804
6662aeb64373a8ef9e5580e50b24b0fb7774af58
c70efd09144b512cf42e29a174f5657f4001799e074e1aafa2c731d964fc38c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp14-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18561
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp16-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp16-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 89309a83ef9eae41861e573b24cd16e0
6ca449d9f6a477301d1410da174e2bf26b145931
e9a6f0b805af351f26bdc75b97be88a9119f9657aa6e9bae8dd4ae97b2b79d5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp16-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17550
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp17-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp17-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash d029a027659ca6fd0800bec9d6928b0c
70966869d27ecb6c6b64914ad7b5c5b60923fe3f
b3e7273ee8ffef4fef4d7c545d08f39ee90d366555101aacf5e7c11d9c214453
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp17-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 20463
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp18-300x300.jpeg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp18-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 5227d83e30ca161e225bf79dadca53c7
76f4ac72e3609dda8c3655e02336010099f02cf3
d19257062127ac42eebcf994d46fb12502876c1b3071760942d1488a83a84bc0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp18-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 21122
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp10-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp10-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash f68e6d479f60cd52d6be9180d237f9d9
e3a99f536f20d95b3a51506a674f593f9e240d19
87dbb8087a43d4e49b673ad8ec9352beedda485a126035aa4f89b3a1c0b7ec14
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp10-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19729
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp13-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp13-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash af9f510013a3cb684b611e08d610f227
04cdb3c9dc47ab08314fe0a322f06b4c56360328
4425df5f56e7cd9431874fd7467b87cb6ae56f49014dc556eb4d333e1f984134
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp13-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19522
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp11-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp11-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash b6d76f4d02a4a0fd7cc9227d52eafcfb
d925966b41022ef890d261fbe02860f162d5567d
f7049748da2a19db3a99e571a3a47212c5bc6f1339c881b15795f94f63c7a54b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp11-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19013
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp15-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp15-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 43e897d5952b36f17a75e6869ed2d79e
dc19ade0690d2efc67e09d922d276581d9dcae4f
a38668a634804b85c7b488a775df9cd1575363571ef0a14af59109222636ddc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp15-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19625
last-modified: Mon, 10 Oct 2022 10:36:03 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp8-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp8-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash f214ff68a039e68c33f63d314bb4bf6c
da3aef9828761a900f9a618c6a35f384bcdb3e35
9badca0dbea429c79cb85d65bc77c07b854e7680ef4e76983a358e7d95ca23b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp8-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 20438
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp20-300x300.jpeg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp20-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 3287890af9d0aa173609720cb9272bc6
e25639d6d1183b890e4e0f4e93019f1cb07d1e4f
3591fbb2393bc4d50daa0f38dd51cbf090c99069024c7ffc9389bc22f40a04df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp20-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 22881
last-modified: Mon, 10 Oct 2022 10:36:02 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp4-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp4-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7ac1cda3f5393e1f8770a6a1d023b713
6698e0230e63f29fc4c87a497540b99e6ffeccfb
ea2980972f09d54d94c1146c200da279e24baf05a0723068900cd76f09da431a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp4-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19750
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp9-300x300.jpeg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp9-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash e02e798cf1b8149a8b02b73527fa22a6
9b7a941b85cae98db8d439568cac516348502e29
684c0d9e17bba45d3b1c5844b58b75353607e7e899533704a8b939f024712af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp9-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17117
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp7-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp7-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 31a5b71e3ad37a40d234268e59c96cc8
bcb5a92b82b83a1e3229d8e84bc487dd2a9b88c3
8c9d5538470f8379b28cde4a13f2e21f02551553724dae3d5a6706142cd33fe4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp7-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19681
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-5-300x300.jpg
50.87.170.207200 OK 11 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-5-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7bb1935e6a4cebd0d53ef654bb4c8550
7abe0a5d439c07307f89dd01bf0f65dfd82ef700
60b5ca855a5f03b57f1f3a57d64312495acd0379ad9f116357da1f466c31ab86
GET /wp-content/uploads/2022/10/13-10-2022-pic-5-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 19:30:29 GMT
accept-ranges: bytes
content-length: 11140
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp3-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp3-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash ebb6f4d98e8bbecf3f0fa584860ba179
53c9d3700b1eb6979c1254b51a62000e9b32cff2
178bb3d6f20a43a160f2fb2dbfe3f5044201979df4fcc1bd4da76462849c79fa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp3-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18674
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic8-300x300.jpeg
50.87.170.207200 OK 17 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic8-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash eba3cbd0d0848332414f2b235482ee92
99f3dc6cf045ca5eb7fb23c7609fbc2ee466197e
faa0505ce22a1ae11422d229486f4ed5edd2496b26ab921a892920ae1a08dcc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic8-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 17080
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic9-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic9-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 8c5648f8bd221f90d11804f93f32371e
06d05ef71775d60c06b9377e0b9cc7203757c451
e3d89f4d13599da86852d2e2a1faf81585bfd3c398bd6c8eb14ee822b54a3d9e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic9-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 19153
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp1-300x300.jpeg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp1-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash b884d9cb61057c808740a0bd21b6abd8
bea66542aed294bc4bca9bd15f305c0f1f3d0d33
810a7f7d24a683559963380e8270c38cb8130442ca4f03f2083e7e7a65e2419a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp1-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 15890
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp5-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp5-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash ccab492855274052d9b5e7bc304e1616
371d7c9d019834a500eaf68e3ad1071e9bbfdd63
2762a6eafe29ba818eebb81adfcaed95afb53b75c01dd011d397d5a6d21c5acd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp5-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 18396
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-4-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-4-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f0b083def5fe9ccc22351a372d93004a
de8a0135796d47c663108f4cdcf3b3b4a7f6221d
7f1704378b86aba51b1e406f9265a318076cb43f843f48b3e3c18c09b53e4ac2
GET /wp-content/uploads/2022/10/13-10-2022-pic-4-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 19:30:28 GMT
accept-ranges: bytes
content-length: 18054
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp2-300x300.jpeg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp2-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7e39ea72db23ffd04d09e63493dfc290
1f4df4e55b187c32ba046835d62e4dbdde05b6e5
e541adecb5ce41e23beb5ffd1e8e61e840a312839c2a62f6eedeee44984dae4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp2-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 17476
last-modified: Mon, 10 Oct 2022 10:36:05 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic7-300x300.jpeg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic7-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash f6e9b3ff3c6b04c20c17fa65ed234afb
12331ca010b069f8d601ba30f54981121f26568a
837fce05cd2ca487f9d5a3eb54354c4d95232387577efdc776fdf7f837671a1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic7-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 22136
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic4-300x300.jpeg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic4-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 3c06dd1e98c04a10f10fe8561e2ad801
1ac82ed3671e9f91d21e335fb1f3a94778204085
905dcb6eab6df580287df93fa8f6fc9c37f3efa71fde988e2f32199f5c5f10f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic4-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 15856
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic2-300x300.jpeg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic2-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 580e821f98b17f96757faa652bac6de1
c3bd0e72728ae9e63e172416688e538a8339e082
af8b798bb7bb3f4ec3605675051c94c5c607dd093e76173e0fb2dcbd1d0c2236
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic2-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 24822
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp6-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp6-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 17ab3b927e65dbe042f34db1edbe177e
7b22b82eca3e9d2b814ea61b5116f2c7e6cb5a2e
fbbde9ab37722a8d23064810469d1556bf393cb21a80dee5ed36e8884e4bdd4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-picp6-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:11 GMT
server: Apache
content-type: image/jpeg
content-length: 19803
last-modified: Mon, 10 Oct 2022 10:36:04 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic5-300x300.jpeg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic5-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9814e6cd796d1b6ae3640aa7acfff2f2
a8e9bfa98661e5f0037e95b25a078de858c5e5b0
6083dcf0fe560bb7bd59b73f049f9704c211a98842ec22fac11f8980e043b1b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic5-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 20046
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-3-300x300.jpg
50.87.170.207200 OK 21 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-3-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 5834a67720a4c4293cd5624a6812e593
68be2c7914f7baeaebf8830c937940e06d31937a
2a2b18cea2de424ac44645550b79f2f0aa0c505d0b915a0186ebfc2284a3265b
GET /wp-content/uploads/2022/10/13-10-2022-pic-3-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 19:30:28 GMT
accept-ranges: bytes
content-length: 21184
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic3-300x300.jpeg
50.87.170.207200 OK 24 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic3-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash d6c48e8750b815228dae48b8688f4368
7fd1df6fe9f00a652af93915c901969da89eabf4
2c0ecc646de0c77db4f018a31095931ca6ee1032c04a093ed7489351c233e5d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic3-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 24346
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic1-300x300.jpeg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic1-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 79284f731b55807dd71404723db9f26b
1e9378cb2360e264955b5e46f84f0d843235d032
75e093ff88739e87f91da3d94f4c316a4cf6d5e86a032d6f5f640d701c5d3126
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic1-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 19278
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-2-300x300.jpg
50.87.170.207200 OK 12 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-2-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e3173ca494fa0bb0913d92f63abf15fd
4dbea078ec8ff9a2b2b7e467200fc839c5c018b6
95f1460fd7c6941e2d7b126bbf365ff90200f8ba8269e80d832141988a53655a
GET /wp-content/uploads/2022/10/13-10-2022-pic-2-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 19:30:28 GMT
accept-ranges: bytes
content-length: 12294
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic0-300x300.jpeg
50.87.170.207200 OK 13 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic0-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 2982d9fb874511faad8671794aeb4615
e4f82768cbe0059fda3ee0cbcd041799168ba7ea
d7132835ea35c21c86fe9ebc2e88534a6f64bc8ac1644a8dffee696693361f67
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic0-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 12645
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-1-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/13-10-2022-pic-1-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 26c51d1770358fbbee4c6e45bfd3b18f
338df973755971dba091a82b0f2b61177bd8cb3f
ae746b1a6365a8a65e68c997496aee253c6c195cba97d739e6322988428e2dd1
GET /wp-content/uploads/2022/10/13-10-2022-pic-1-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 19:30:28 GMT
accept-ranges: bytes
content-length: 23265
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-6-300x300.jpg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-6-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7795fb0f410b19c2469e390774d88469
bdb76f343cc52d74e56a029e896f1c7fe98cb836
b5eb5183e209e7b1911f9b5bec2966a7428c4878b1e7400007e67a41eec2dfbf
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-6-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 24637
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-7-300x300.jpg
50.87.170.207200 OK 25 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-7-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 630502ced42e7a40ab578f56453f47df
48756ac32b99b0feb5e3f229660e6388031e8ab4
2b446e5b2fed4b1d66368d3cfe43fd2e9bedb40cc8a13752f723e3a6626b638c
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-7-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 24824
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-4-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-4-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 39508affaf1304da03a846f783e328e6
3b2805c5f09ac5d10a7a3fe41395af2e36b5b8d4
0c4fa17d62aaf67810578953a79b9049a767c9d7b521837b496245218639c715
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-4-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:31 GMT
accept-ranges: bytes
content-length: 18910
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic6-300x300.jpeg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic6-300x300.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 8dc37312984ec75bf4ac32ac453e6aa0
7b66d81bf3c4119dcb04e585ec5c1519f9882858
842db056c64f1c62c3a54ac4950e4cbe083c90d0916cc3b135cab59a3d6d4abe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/09-10-2022-Amsterdam-pic6-300x300.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 26370
last-modified: Mon, 10 Oct 2022 10:36:06 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-2-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-2-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash e4f6e4ab3ba878d56c957e1978b78998
5d8a204d7feacd27f6db1369b57bd370d608424e
9265d3a8706162e0e712474c6762c2e01dfcfded0daf723b3bd34a6e12fcf243
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-2-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:30 GMT
accept-ranges: bytes
content-length: 19590
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-8-300x300.jpg
50.87.170.207200 OK 19 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-8-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash c1a505296315dd559d40f4e1538b09c8
b1e6c5de1eca2404a8b1e184165153e4de2ceec2
45dd21538d95bd619fcad592109656ce514f37bcee5817b941aebd941e011228
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-8-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 19246
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-12-300x300.jpg
50.87.170.207200 OK 23 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-12-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash afdf67a71f4d890c0edebfc582c4aace
be5d2afd9c47ddfe66dea55641fde3ca4296c136
7e960df573f091c8758ebedae72bc2dd2197dddd5859387ca8e8416b19cb64a9
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-12-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 22973
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-10-300x300.jpg
50.87.170.207200 OK 26 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-10-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 54ced134403ea74e8302125f7e1a2e55
2baaff827437ce1046cca8554585ea7092ca583e
0a99f16089570dd9306e216d49a4945f387e51a4aa8b5bd4b5a2d648de6ebabb
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-10-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 25552
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-11-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-11-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash d69392ee76c3e5da079785b62fc1dfe1
739601414ce5b4913646a69c4c972436baaf8640
e8fa89951e0546427600568fcb2f6a1c2cfa1bc8dda5afc4efb62bd7f1576736
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-11-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 22465
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-9-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-9-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f755a0477d2d2ba0bfbb504d1fd3f970
d3b1527f97a459f9ef1aa403c310915194664c3b
2ced1ea1458ad21d0484453887b77a21220065437de5c6db7e45941b779fefc8
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-9-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 21614
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-13-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-13-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash aaeaa63e054ad03f7cdae7d905e4e898
7360b8ecb7f8b9bdb068404314ca89ae62951f32
f0f7d399d3f64cdc6c5e2a7dff3229093f63c4d8a57ee9dc50cf953ccae35747
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-13-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 18113
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-14-300x300.jpg
50.87.170.207200 OK 18 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-14-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 403407f9730e8492970b966480476271
f4734c3cc0f46fd7b2c21b7c78fb6e4c8f18526b
cbd790abb78582617249d4e9f86111a21e0884e5bc6da748da405736c91a67b1
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-14-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 18318
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-15-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-15-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f8f24c09a110cd1362531edce28b2f02
d4b18c22b2ae85efc71bad1747f925e49bc119ce
5311f7a751b23b76b54640c5ffd56cdfc3d825bf74beb821eaabf7758f4891ff
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-15-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:33 GMT
accept-ranges: bytes
content-length: 19583
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-17-300x300.jpg
50.87.170.207200 OK 20 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-17-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 09ff3d2c1b9713d1d4c8578479757650
8665d611a3253b4e8536cd2972574f253fac6f0f
a00e5a1a282d7b2f9f3a14242573ce6705f775c193da34d81b931e3a8b8e1ffe
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-17-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:33 GMT
accept-ranges: bytes
content-length: 20483
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-16-300x300.jpg
50.87.170.207200 OK 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-16-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash b0b364aa5e6a6cd871af580e020431c3
74f97f5546144a18db5580876c0f94b7cd3a7aa9
39d36e3c5c37bf7c244c91fea0c8eee0ee6095d48643a53a44a739396d93eae3
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-16-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:33 GMT
accept-ranges: bytes
content-length: 15612
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/Go%CC%88ksel-Gu%CC%88lensoy-300x175.png
50.87.170.207200 OK 44 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/Go%CC%88ksel-Gu%CC%88lensoy-300x175.png
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 175, 8-bit grayscale, non-interlaced\012- data
Hash 087b86c90bedd91d26f7f21901373111
cdb4f3580997eae4a84c5031340b7ef387d04304
c8019a2193e5cf8a34db35f14d6666af2964679095033a44bd0de37a0124a8da
GET /wp-content/uploads/2022/10/Go%CC%88ksel-Gu%CC%88lensoy-300x175.png HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 06:00:59 GMT
accept-ranges: bytes
content-length: 44345
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/sabirzislik-zamani1-300x175.jpg
50.87.170.207200 OK 15 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/sabirzislik-zamani1-300x175.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 216x216, segment length 16, baseline, precision 8, 300x175, components 3\012- data
Hash 3392aeb3850df16855058e88b964ebef
3e04f63228de6dfdc51d8b38258a3f72abf20eff
b2dbc1788f2ec6e8079aacd5d203c0d27a60225b2972ca2cd243cb173d79fda5
GET /wp-content/uploads/2022/10/sabirzislik-zamani1-300x175.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 05:57:16 GMT
accept-ranges: bytes
content-length: 14618
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/condolance1-300x500.jpg
50.87.170.207200 OK 14 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/condolance1-300x500.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x500, components 3\012- data
Hash 91c90e0f576124a61cfe6ce600597da0
aebc7b58b69225ed2ed7a67db6564bc60111617f
c4b7ff7a4550321ba56dc7236a3ab3e15578a1b5b629df408bcf75824e8c35d1
GET /wp-content/uploads/2022/10/condolance1-300x500.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 13:06:59 GMT
accept-ranges: bytes
content-length: 14389
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=6.9.0
50.87.170.207200 OK 2.5 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10211), with no line terminators
Hash 1975d1c3804f87df6a44aa0282f4cf7f
d547541663339d5c21b2a15db3a6a1504b531773
43e0db41fc902dfff00a21dbff0250bcd353da3025369e7087bbed21a1366d65
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2497
content-type: text/css
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
50.87.170.207409 Conflict 83 B URL HTTP/2 rtff.nl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.9.0
50.87.170.207200 OK 866 B URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2137), with no line terminators
Hash 01fa1b05d7c5a5cb0a16eebf8f7f3e09
f83401cdb8ca402f182c9ec21a33848f8b5d676f
940d6dd0568f191defe8fa6e7e0c6909e0fb2cb52208bc2fbd3378691d64eefb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 866
content-type: text/css
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=6.9.0
50.87.170.207200 OK 464 B URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (619)
Hash f1fc6e005271afdd50b4af6d8b17619c
8d88455c38712c5173108e850c40cd18f74ceb2a
0d21680a75b3688d44b6b13026114577c7ca1f25d83af262e523e238ef08fc5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 464
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=6.9.0
50.87.170.207200 OK 3.4 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9557)
Hash 0f94f5361da1e2ccdd767f5c292d826c
6666edd4df2d10e18704ab6866b53bc01dd99883
44758f09eef9222760b857d071491f7581baa74a87c4df44da5d1fb9e587ea88
GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3433
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/js/lightbox.min.js?ver=6.9.0
50.87.170.207200 OK 3.6 kB URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/js/lightbox.min.js?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10774)
Hash 3d656cb28263faf51d36552dcc972805
788d9b26445a6212a9587a1082557196e31363c7
f50d77c7c3b0bfda01ed800b330e2e7c45d619f211ff35eb4f1d117692f4c4f9
GET /wp-content/plugins/js_composer/assets/lib/lightbox2/dist/js/lightbox.min.js?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3643
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/main-page-head2.jpg
50.87.170.207200 OK 65 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/main-page-head2.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 840x360, components 3\012- data
Hash 78d2d6eba35339fe7e0e07c4182f9a4d
1ea3840d2dd6c95cf1b2f4ef72554934b1a2918b
f5e965258fbae5f20c8defd29f7aaf7cdd7553101c57d7d819cbdd2ba03d5fbd
GET /wp-content/uploads/2022/10/main-page-head2.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 16 Oct 2022 10:38:38 GMT
accept-ranges: bytes
content-length: 64971
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-1-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-1-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 02a940ed5bcfb73308d35f5e453062c4
a69429581075f69087c0d8bd0306dd6282644b41
7211ac7fdc1a834e8753ab48a4036dc0af95bfaaf3809966ecb0957156600217
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-1-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:29 GMT
accept-ranges: bytes
content-length: 22437
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-3-300x300.jpg
50.87.170.207200 OK 22 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-3-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash ec56a88b1d00191f963a452c04bd1d28
75bc60bddd621a5124cae98cd0ffea9c23c2b9eb
377ae191ac6189e73127c3d7d11c44bf2e13bb9bdca3bd4559abdf91f6364e3b
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-3-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:30 GMT
accept-ranges: bytes
content-length: 21718
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-5-300x300.jpg
50.87.170.207200 OK 15 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/15-10-2022-Amsterdam-5-300x300.jpg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash b0befe25d74e28e54c4ff84fbfb05a26
e84fa8bc69968dbff8e487c6c75256131b3cbb33
652595a30fae94f7435c923e00018fc4e53f4be56a488645ad9a4da3dd9a8881
GET /wp-content/uploads/2022/10/15-10-2022-Amsterdam-5-300x300.jpg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Oct 2022 08:38:32 GMT
accept-ranges: bytes
content-length: 15410
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/aydin-orak-kimdir-300x175.jpeg
50.87.170.207200 OK 7.8 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/aydin-orak-kimdir-300x175.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x175, components 3\012- data
Hash f864d3df2e5f4b19c303bcfa5b0a8fba
9cd53886064ea3010c73cb81bf6d5789eedda70a
b587637a1eacfadf2239b5050821549c45d668a5b164121deee27c7c6ecaa098
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/aydin-orak-kimdir-300x175.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 7837
last-modified: Tue, 11 Oct 2022 05:57:16 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/banner1.jpg?id=9224
50.87.170.207200 OK 129 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/banner1.jpg?id=9224
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1824x848, components 3\012- data
Size 129 kB (129106 bytes)
Hash efafd3b9dada2a883fa369fc49e34439
2229071ed091603bc1d04a5ffb892994373d9bee
69d1ec501e1ccf6ad690bd3c88505b58235170bec0944867badbc86558169553
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/banner1.jpg?id=9224 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 13:10:44 GMT
accept-ranges: bytes
content-length: 129106
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/I%CC%87lke-I%CC%87s%CC%A7isag%CC%861-300x175.webp
50.87.170.207200 OK 13 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/I%CC%87lke-I%CC%87s%CC%A7isag%CC%861-300x175.webp
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x175, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b27104c60767750d8f8ee45b8452ce9a
6a7a2a3cc6f7efe542adb9d0b958e7a8e3f59072
a8bc32ff78fa4b3952adb4ed7f722b73f330057b3769959d76727856817541e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/I%CC%87lke-I%CC%87s%CC%A7isag%CC%861-300x175.webp HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/webp
content-length: 12576
last-modified: Tue, 11 Oct 2022 05:47:53 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/ihsan-temur-1-400x945.jpeg
50.87.170.207200 OK 55 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/ihsan-temur-1-400x945.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x945, components 3\012- data
Hash 2b7cdc054235327b396d1a0f5c664ad2
17ffe33c678b448a9e0745018ff13562490f622e
d2aefc7a41d6a410ac66c343e7e6b1bbe88b53eb52da9ada7dea42b05790a607
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/ihsan-temur-1-400x945.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 54718
last-modified: Tue, 11 Oct 2022 15:24:24 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/Go%CC%88rkem-Tas%CC%A71-300x175.jpeg
50.87.170.207200 OK 9.7 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/Go%CC%88rkem-Tas%CC%A71-300x175.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x175, components 3\012- data
Hash a591f519004aaec9ef2a0754bafd444e
647ea1ac5444d567361157bf24d618e8fa391f40
e2ffa893c9f91f30b4ae09af33ef9507707cb61c1c2dfd6deeff8a72bf4bc5ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/Go%CC%88rkem-Tas%CC%A71-300x175.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 9698
last-modified: Tue, 11 Oct 2022 05:48:41 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/go%CC%88ksel-gu%CC%88lensoy-4-scaled-300x175.jpeg
50.87.170.207200 OK 43 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/go%CC%88ksel-gu%CC%88lensoy-4-scaled-300x175.jpeg
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=Sony, model=E6633, orientation=upper-left, xresolution=158, yresolution=166, resolutionunit=2, software=32.4.A.0.160_0_f500, datetime=2017:10:13 12:30:49, GPS-Data], baseline, precision 8, 300x175, components 3\012- data
Hash 82b78591e0e3248d1bf363358ac2eacd
bd0aae7df063853e496b518cd2613ddc545a34b6
3628d16365bf9c012a584d621b78600785f637d4f33d13139abc170db008432b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/go%CC%88ksel-gu%CC%88lensoy-4-scaled-300x175.jpeg HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 43204
last-modified: Tue, 11 Oct 2022 06:04:00 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/banner-pic.jpeg?id=8854
50.87.170.207200 OK 66 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/banner-pic.jpeg?id=8854
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x512, components 3\012- data
Hash ebb28f4d2a6c4d668769ab1c2993e9e6
eaaff28c2566b664de6dfd73a2e7e26b2d858b88
2f5622b27d43fa2a4f4428c28ebddc00a48bfba3e4a7ef9f1073e9e39d5fdd9d
GET /wp-content/uploads/2022/10/banner-pic.jpeg?id=8854 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: image/jpeg
content-length: 66174
last-modified: Sun, 09 Oct 2022 17:05:22 GMT
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false
X-Firefox-Spdy: h2
www.youtube.com/embed/MW6k-aRoEOU?feature=oembed
142.250.74.174200 OK 126 kB URL HTTP/2 www.youtube.com/embed/MW6k-aRoEOU?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58634)
Size 126 kB (125978 bytes)
Hash 715cddfa820dfb80fd2801e7a938ed63
95bd0c622783eab2bc2bff72009660faa3b3682f
c3354510acfe42b59d1b476f28d3724dbbc8ca99b865487553ad2e2edfff2b69
GET /embed/MW6k-aRoEOU?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=DHpnlYSKqWc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=NdHn58FP8y0; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+832; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/O_Az7wjZV3w?start=41&feature=oembed
142.250.74.174200 OK 620 kB URL HTTP/2 www.youtube.com/embed/O_Az7wjZV3w?start=41&feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58628)
Size 620 kB (620079 bytes)
Hash 0cc84b74f790992e2a5dacdf099f9854
1d3dbcebfd36553267223f2bec1eb535644c534c
920541467bac07f306b84f5352945aa602eae85652236a9dbce979ce9814ff7a
GET /embed/O_Az7wjZV3w?start=41&feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=e8K-y3sPdI4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=N5y_5AU8Zyk; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+089; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/BBwtRUddY7k?feature=oembed
142.250.74.174200 OK 27 kB URL HTTP/2 www.youtube.com/embed/BBwtRUddY7k?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58643)
Hash e7bf3088717a071011d01d6f54a990dd
8882b6d54931a51fdd01f688487215f67f0df07f
71249369ac668dd3d80e1b52613dc279b726aba698abf9d5302ec5571dd804fb
GET /embed/BBwtRUddY7k?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NWAJv-ddEOE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=6XWQM9EsPIY; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+688; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/condolance.jpg?id=9346
50.87.170.207404 Not Found 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/condolance.jpg?id=9346
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash ef3b871687ae497faa1fe692769338dc
a3917445c8e4442eb661e491197aa0ef9d25e7e8
12b7443008d9052de3b5cbde0344083524be7e95811ac805099c68e9859518ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/condolance.jpg?id=9346 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16521
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/dogus-haber.jpeg?id=8763
50.87.170.207404 Not Found 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/dogus-haber.jpeg?id=8763
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash a1fa93daebd7cafdf983b55135398c25
45b5d663582774c371e95410b017af4e9f8715bb
10939c1042c0eb9aa6991d13e906b9df4f219a4cd0d9e1c54367439860b0652b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/dogus-haber.jpeg?id=8763 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 16523
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/cumhuriyet.jpeg?id=9433
50.87.170.207404 Not Found 16 kB URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/cumhuriyet.jpeg?id=9433
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 44ea7536fc6589c84e121483175dbd65
6eba59a13b23727be5ec94c95c67838f038c7804
1b69e6a5b20c2b4d6685d261558f5721e3b846164030cea1995d7e4b355d1252
GET /wp-content/uploads/2022/10/cumhuriyet.jpeg?id=9433 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 16522
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://rtff.nl/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtff.nl
Connection: keep-alive
Referer: https://rtff.nl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 25 Nov 2022 12:17:13 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://rtff.nl
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 68387
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 60951c730d96e02c20219f2765873699
64d0ecb0d9001990841e9faa434d9239af4b6927
9eb0e510930409a6eed080afd7759a51ca4ecb58dd30ea04221cea917358f658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 12:15:21 GMT
expires: Fri, 25 Nov 2022 12:30:21 GMT
cache-control: public, max-age=900
age: 113
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 25 Nov 2022 12:17:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/pWfSZd6cI64?feature=oembed
142.250.74.174200 OK 27 kB URL HTTP/2 www.youtube.com/embed/pWfSZd6cI64?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58604)
Hash 314306be429c7333a140641da772f48d
7d1135885d99d527ab976f1590d0cd0e64d223bf
820c88edf0a681ed7bf7e209e5d48ab0f2eac7673341fd7db40dc3d4258ad53e
GET /embed/pWfSZd6cI64?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=oscAlrxusv8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=i3VflEXRgrA; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+799; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/1QG_ifVWWak?start=1&feature=oembed
142.250.74.174200 OK 27 kB URL HTTP/2 www.youtube.com/embed/1QG_ifVWWak?start=1&feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58646)
Hash 46988766db027802ec420573dafb3939
368f3f12800a1829c54f105d41b388450f2c7d0d
3436b21fc6ab9e60489d6756c30f911376b158de7fc399ce9464de3dc86f94c2
GET /embed/1QG_ifVWWak?start=1&feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=af2-wvcWBRM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=KKQCc0WGZ8M; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+877; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 25 Nov 2022 12:17:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 25 Nov 2022 12:17:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 60951c730d96e02c20219f2765873699
64d0ecb0d9001990841e9faa434d9239af4b6927
9eb0e510930409a6eed080afd7759a51ca4ecb58dd30ea04221cea917358f658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 25 Nov 2022 12:17:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/uploads/2022/10/back3.png?id=9307
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/uploads/2022/10/back3.png?id=9307
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2022/10/back3.png?id=9307 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/du-home/
Cookie: pll_language=nl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Oct 2022 07:06:28 GMT
accept-ranges: bytes
content-length: 98094
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 25 Nov 2022 12:17:12 GMT
server: Apache
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 25 Nov 2022 12:17:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/css/foundation.min.css?ver=6.1.1
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/css/foundation.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/css/foundation.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/-Ch-oSuTZn8?feature=oembed
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/-Ch-oSuTZn8?feature=oembed
IP 142.250.74.174:0
GET /embed/-Ch-oSuTZn8?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0MvJAyUOaOU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=QVZ3oPazhf8; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+502; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/simplebar.min.js?ver=6.1.1
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/simplebar.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/noxe/includes/assets/js/simplebar.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 05:45:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/qXjVECBXS8E?feature=oembed
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/qXjVECBXS8E?feature=oembed
IP 142.250.74.174:0
GET /embed/qXjVECBXS8E?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1IlSZqMCDps; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=88aN7rzp5-k; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+627; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:58:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/themes/noxe/includes/assets/js/fancybox.min.js?ver=6.1.1
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/themes/noxe/includes/assets/js/fancybox.min.js?ver=6.1.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/noxe/includes/assets/js/fancybox.min.js?ver=6.1.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Jul 2022 17:53:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.3 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:51:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Fri, 25 Nov 2022 12:17:06 GMT
server: Apache
X-Firefox-Spdy: h2
rtff.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
50.87.170.207200 OK 0 B URL HTTP/2 rtff.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 50.87.170.207:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: rtff.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Cookie: pll_language=nl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:45:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Fri, 25 Nov 2022 12:17:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/Y3XiU-HISYI?feature=oembed
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/Y3XiU-HISYI?feature=oembed
IP 142.250.74.174:0
GET /embed/Y3XiU-HISYI?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtff.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 12:17:12 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=N4oCsCb02S8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5xsDwP9rY6I; Domain=.youtube.com; Expires=Wed, 24-May-2023 12:17:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+982; expires=Sun, 24-Nov-2024 12:17:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2