Overview

URL bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo
IP162.241.5.74
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-07-07 01:19:52 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-07-06 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo Rabobank Nederland
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/ Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/ (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/ (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/core/to (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/core/fo (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/bower_c (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/bower_c (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/n (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/t (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/r (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/c (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/i (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/i (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/f (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/0 (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/3 (...) Phishing
2022-07-07 2 bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/i (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx (37) 0 No data No data 162.241.5.74 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.7
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 35.83.91.138


Recent reports on same IP/ASN/Domain

Last 5 reports on IP: 162.241.5.74

Date UQ / IDS / BL URL IP
2022-07-07 00:09:34 +0000
0 - 0 - 21 avcipraxis.com/ 162.241.5.74
2022-07-06 21:09:51 +0000
0 - 0 - 19 bankieren.rabobank.nl.online-identificatie.au (...) 162.241.5.74
2022-07-06 18:13:34 +0000
0 - 0 - 20 bankieren.rabobank.nl.online-identificatie.au (...) 162.241.5.74
2022-07-06 15:19:35 +0000
0 - 0 - 20 bankieren.rabobank.nl.online-identificatie.au (...) 162.241.5.74
2022-07-05 00:14:44 +0000
0 - 0 - 19 https://bankieren.rabobank.nl.online-identifi (...) 162.241.5.74

Last 10 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-08-16 17:08:23 +0000
0 - 0 - 2 yasperfumes.com/lkk/index.html 108.167.164.71
2022-08-16 17:06:17 +0000
0 - 0 - 1 buyinhocomd.com/property/mdpg551096 192.185.78.9
2022-08-16 17:03:44 +0000
0 - 0 - 2 aimic.com/userfiles/file/92878385688.pdf 162.241.5.8
2022-08-16 17:02:09 +0000
0 - 0 - 2 www.reacredit.com.br/painel/wa/simple_slide/p (...) 162.241.203.21
2022-08-16 17:00:28 +0000
0 - 0 - 3 https://hostingparacolombia.com/i9dn32.rar 162.241.85.82
2022-08-16 17:00:22 +0000
0 - 0 - 3 hostingparacolombia.com/i9dn32.rar 162.241.85.82
2022-08-16 16:59:24 +0000
0 - 0 - 1 https://e-commerce.saleensuporte.com.br/z4voa7.rar 192.185.215.34
2022-08-16 16:57:57 +0000
0 - 0 - 3 https://lceventos.net/qqo0sk.tar 162.241.5.72
2022-08-16 16:57:31 +0000
0 - 0 - 1 crmfarko.manivelasst.com/e632uu.tar 162.144.7.57
2022-08-16 16:54:14 +0000
0 - 0 - 2 icscards.nl.online-identificatie.jaitech.co.t (...) 192.185.182.6

No other reports on domain: aulavirtualcecip.mx



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (54)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 07 Jul 2022 00:56:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IXhoIQQdrl7HwX7Ls9WSKw9S6KF73kgDu-uuCki_E956Njg888IQgA==
Age: 1394


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /rabo HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.5.74
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 07 Jul 2022 01:19:38 GMT
Server: Apache
Location: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/
Content-Length: 283
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   283
Md5:    252a7826138ce30241dcf6027cba1449
Sha1:   270b2c284e4c3a7672d438f5bc994f29fea5d386
Sha256: 14c7d645401bc73dbddafe781f782af89261d34024205865662e3e52bcde9eab

Alerts:
  Blocklists:
    - openphish: Rabobank Nederland
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8751
Expires: Thu, 07 Jul 2022 03:45:30 GMT
Date: Thu, 07 Jul 2022 01:19:39 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -zM7O99s2Brzk8aLgun6BVdHBXJvH_V8HBEXvXSTNqaU-MK3ibKISw==
age: 78774
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:19:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /rabo/ HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 07 Jul 2022 01:19:39 GMT
Server: Apache
Set-Cookie: real=OK
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   728
Md5:    27875068f7d980c144528ec1b1d9d17f
Sha1:   fb211a2556006c1bae9f1d3b0bb088bb683b0e2c
Sha256: 41b64c3d2f37d119b838cc8c0b2f5db35af27daa44467ceaa240288822017d91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/

                                         
                                         162.241.5.74
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 07 Jul 2022 01:19:39 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 07 Jul 2022 00:34:56 GMT
Cache-Control: max-age=3600
Expires: Thu, 07 Jul 2022 01:11:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aEZq4wVu9MTdO8g9W1OoY-elaGWhPspMs0P_CAgKaFNEn15eISXuHQ==
Age: 2684


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4588
Cache-Control: 'max-age=158059'
Date: Thu, 07 Jul 2022 01:19:41 GMT
Last-Modified: Thu, 07 Jul 2022 00:03:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9? HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/
Cookie: real=OK
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.5.74
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 07 Jul 2022 01:19:40 GMT
Server: Apache
Location: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/?
Content-Length: 324
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   324
Md5:    45d4697e177c84fd1f26d73001e72253
Sha1:   b7836472878c78334e26fde06730db3802f85b9b
Sha256: a30b5969bffb93b61f0a2e95decf9424f62dfec9ded73043ded939e2313e14b1
                                        
                                            GET /rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/? HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.5.74
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 07 Jul 2022 01:19:40 GMT
Server: Apache
Set-Cookie: bid=be45fa4141204120f7d25dd77038aae9; expires=Sat, 06-Aug-2022 01:19:40 GMT; Max-Age=2592000; path=/
location: login/?
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MHZVF7xBtreopkm+6gMueQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.83.91.138
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LgPyh73riZAZZkB3P4E7dF+pXE0=

                                        
                                            GET /rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/? HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/
Connection: keep-alive
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 07 Jul 2022 01:19:40 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Size:   14288
Md5:    d64990ec211718e7f19e95977841037e
Sha1:   e975b311b4f6cc22d4e11440866fafeb4976f338
Sha256: e993a8f847fa3d9af2c03c651c4f500511c434f87c7754a7c2126d522a73b13c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/form/form.js?v=62c634acb4c68 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 3502
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3502
Md5:    88b520d8c00fdd84887024de3a4cd669
Sha1:   b031ff3e41fe419b67be819a458e81fc03990769
Sha256: 06a988a48e4395b52a620fdf5d77603350f4ace705ace1db7007e9b74e1a931e
                                        
                                            GET /rabo/core/token/core_token.js HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 13:09:52 GMT
Accept-Ranges: bytes
Content-Length: 11865
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   11865
Md5:    54b4ac2d00fae21d9f448f21b665af43
Sha1:   199511826a1ed5f5be6a92bdce69c93bfc665e35
Sha256: 6073063cfd2a2f92ab92f328d83642b52a88c7c63c81b12611eb9b8e947f2169

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/core/form/core_form.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:40 GMT
Accept-Ranges: bytes
Content-Length: 2741
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2741
Md5:    98890b613575e1f0f6cd8a9f607faeb9
Sha1:   c962db92f59cb33fdabbe303dcf4dc55767c37a6
Sha256: cdf4dc725d51fd036311ae9b026c3e20f15f937511d8c88dd23c969665380ab5
                                        
                                            GET /rabo/login/force-myriad.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 121
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   121
Md5:    c03c5b49519f9ad3760ad4b35f240faf
Sha1:   9292a1e9817471f980894a2496a69b97a64b04db
Sha256: 5480e455fe88ae27ac083954834e86fc1ccd392e9f37872a55c13e1fd23dfbac
                                        
                                            GET /rabo/login/form/css.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 219
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   219
Md5:    ea143d0fb4b03b588b86e9e484500bf9
Sha1:   ee35966492f31eb25aacec83e9a422a39c6c1c5b
Sha256: d7fb0c004ea0b99f9d85f90a0d966f92f83eb049840170d884176a20346d80af
                                        
                                            GET /rabo/core/form/core_form.js HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Sat, 29 Jan 2022 12:49:38 GMT
Accept-Ranges: bytes
Content-Length: 62429
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (44438)
Size:   62429
Md5:    c3df9f28cd3d671ef40901a2f5a2a270
Sha1:   6ee0e39505f5d377a7b72d64aa4a719866604d53
Sha256: 556909b267526558ed7ba4a6018c438d3e697f9a66be50a8c72e0238ef000c8f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/default.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 4292
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (373)
Size:   4292
Md5:    ed60c6601e82feb62920fe4f7fc1f421
Sha1:   d74f5f294c21b75fb0c13be47d5869cc8a00ae8f
Sha256: 72c82da4ab2867adae069f4e2185c947516282fd46fe24dda6275a142d43bffe
                                        
                                            GET /rabo/bower_components/jquery/dist/jquery.min.js HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:40 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:34 GMT
Accept-Ranges: bytes
Content-Length: 86659
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   86659
Md5:    c9f5aeeca3ad37bf2aa006139b935f0a
Sha1:   1055018c28ab41087ef9ccefe411606893dabea2
Sha256: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/senses2-styling.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 7415
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   7415
Md5:    c00fdd65560587538acbcc96c104e674
Sha1:   fef56a0d0e72bf4d65fee0bf8691d70048214ad5
Sha256: 8ec7be5cfe00c4139d351647f1cb2581e658a3de31b642158a9ae61442fbbfa2
                                        
                                            GET /rabo/login/rass-proto.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 51372
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30865)
Size:   51372
Md5:    0ed567e55fb901d66d498952e8a4f8e9
Sha1:   7d1dd5b04f113e5b3d1d733b6b4d3fe370045010
Sha256: c29b4bb70a6a918a63501804c99dc56ca41d315deb01bc3f0589cd579c1b0627
                                        
                                            GET /rabo/login/www-extension.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 28507
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (440)
Size:   28507
Md5:    54da2be40d2dd1c7e5c0528f329d32a0
Sha1:   f93c8ded909ac9e6994bd46b7e3b64cfbd03098f
Sha256: 9d028b7774d2edc3072f63dd5b39b5d66a3bbebf83717a42f7521a8205a1c2f4
                                        
                                            GET /rabo/bower_components/angular/angular.min.js HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:32 GMT
Accept-Ranges: bytes
Content-Length: 168828
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (552)
Size:   168828
Md5:    4c619ef91e3fa3f1d4813db2b2eb738d
Sha1:   c5f77156c6f5397be71914eb80d8f998ea1279e7
Sha256: 35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:32 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   31000
Md5:    269550530cc127b6aa5a35925a7de6ce
Sha1:   512c7d79033e3028a9be61b540cf1a6870c896f8
Sha256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
                                        
                                            GET /rabo/login/ng/ng.js?v=62c634acb4cee HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 5450
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5450
Md5:    51c41ba228c36a2424b91bdd6b55d07e
Sha1:   cff83aaf946613f5242c1f028e746b8b06c19c4c
Sha256: 2395c0accc6b161f967e510eea9c01bed3a724d6838d3d51212f2758d8875bf8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/token/token.js?v=62c634acb4d47 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 2440
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2440
Md5:    ac8186a3bd60e284255dda833a300993
Sha1:   fa4375e209b292edd38c7337cdba8bc69e75d8cb
Sha256: ce3a4650959ba2e4b00de877a1e9649c1e1feb0f4aef2c082162688e7de3afc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/trans.gif HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 50
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 3 x 3\012- data
Size:   50
Md5:    1d192e51d9b375c85f70e1fb495e1819
Sha1:   ab6ce05a0b670156d7048a366b1decdf1397d0b8
Sha256: 50899db83a211440e9c7c2b96db96f5791431bb2ec2aef9a0578713b4dd6c25c
                                        
                                            GET /rabo/login/rabobank_logo.png HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 16211
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 124 x 148, 8-bit/color RGBA, non-interlaced\012- data
Size:   16211
Md5:    1bee5d325e70973c5f039c4fb77c7a88
Sha1:   0bb44029de6e6c38a8f2612251cdcaf8d5a50cac
Sha256: 03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
                                        
                                            GET /rabo/login/grayed-out-vc-nl.png HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 15354
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 315 x 315, 8-bit/color RGBA, non-interlaced\012- data
Size:   15354
Md5:    106423b2ca130a77c97219c12727f5ec
Sha1:   886366d9c42fe58114c04ec4e59701b7c30ae92c
Sha256: cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1
                                        
                                            GET /rabo/login/rabobank.svg HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/senses2-styling.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 6331
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5913)
Size:   6331
Md5:    3c20814da59f616bc2b5103b948a759b
Sha1:   1847a89c71b7ff8a703ad5207b02ade1a6e461c9
Sha256: 1361e81984b190dfb362eff0ea3085da933c920b9aa7f1d03e9e1e3edef57b72

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/checkbox_off.svg HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/www-extension.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 2960
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   2960
Md5:    70354d2b55db7ddb796e0000120f5177
Sha1:   3f46d3cce316b82f900a92436618c984f3adc61e
Sha256: 472369804eed23e731261b2a4bdc6c454a9c31ca008c393d797b95160b14276b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/icon_supercirkel_kruisje.svg HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/www-extension.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 1284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1284
Md5:    a01e894c90eb0be2239047b9cd2199a0
Sha1:   910e60989a19381275e14c3d2bf051d9539b756e
Sha256: 828129fe18f492866bcc822c9338af9244d4677404d899f80121dbfaccefe82d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/icon_supercirkel_vraagteken.svg HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/www-extension.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 1359
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1359
Md5:    c484570c8e8c38fc5c89e904a1b04161
Sha1:   78268d8df2432766e523c799fbc307fe6fc55c41
Sha256: 5bc5eedf7164055f5658a7c6129ff8886564713fe82cad2ed3d9f94f6308f5f9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:19:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:19:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:19:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:19:42 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:53:29 GMT
age: 77173
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5198
x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0xnWFKCIAMFe2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT
x-amz-cf-pop: SFO20-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A==
via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:19:59 GMT
age: 79183
etag: "76b2ac44ab4590c5345063d314975f483a61cb1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5198
Md5:    cd4e7dda9491e473d4b36a87915a82df
Sha1:   76b2ac44ab4590c5345063d314975f483a61cb1f
Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7271
x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoS0BFjuoAMFw8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:50:30 GMT
age: 12552
etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7271
Md5:    1d4f4e3ad0f3ca501b797538d0f3aaac
Sha1:   949707b56fd4aa6464f5f4a5d52b18ab72d307ff
Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4243
x-amzn-requestid: 7529aa91-0ea7-442d-a0b7-c3c74f0d5d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UthU8HNdoAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c215b9-527e994b56eb0630557d6dd5;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 22:18:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DQPLClNEQSPyiJJEq83p-1_lCk1cLIqpXQuPUQA2EzYd4kc0D9ILaw==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 04:44:24 GMT
age: 74118
etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4243
Md5:    4dadb5bd9157f2899ea250117bf6655e
Sha1:   5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3
Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12294
x-amzn-requestid: e6b35bb1-bc6b-4b98-aa16-cff64cf3e4b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ua_AwHdPIAMFSzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62baab9e-4659e88772f9e8551e06800a;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 07:19:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EWsndyPnvdV629tcpvI0HUzSA6Ocbb0acwQ6v5i0VWoEeGIKaF7fcw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:59:49 GMT
age: 11993
etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12294
Md5:    8b57e1aba0bce88ae13af9ccf60089bd
Sha1:   7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7
Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7249
x-amzn-requestid: 74cbc653-182e-4ef0-9fe5-901ddaa4edaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoBIEGKqIAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfe233-383f73a750696511624ff453;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 06:14:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BVo4WA3x-2hGSrOBQTIcT5yjiYcdzQby4NDOrnrWpREFtHG5x52Jzg==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 09:18:45 GMT
age: 57657
etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7249
Md5:    5c958b0c904620aff5f5f8a74f80d9f9
Sha1:   2f79d1e28bb827f7fa60b6675dba8022c28a1a3d
Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
                                        
                                            GET /rabo/login/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/default.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 16696
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16696, version 1.0\012- data
Size:   16696
Md5:    d30827b823fbcc46ae577287d9958a85
Sha1:   f66f0cb0ca05cfa5b4c96750225478febf1f110a
Sha256: 1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/default.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:56 GMT
Accept-Ranges: bytes
Content-Length: 16356
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16356, version 1.0\012- data
Size:   16356
Md5:    dcb5812d0cda70ffa90ea868e642bef6
Sha1:   716d56c3ba9698291126a80e57ef1b247714702b
Sha256: 2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/default.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:06:56 GMT
Accept-Ranges: bytes
Content-Length: 16376
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16376, version 1.0\012- data
Size:   16376
Md5:    66cc04b61a823c9138869b61b173f21d
Sha1:   7608f8d3ef9e55e0f8284a923dc33bfd961f95b6
Sha256: 49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/login/form/newloader.gif HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:02 GMT
Accept-Ranges: bytes
Content-Length: 557122
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 480 x 480\012- data
Size:   557122
Md5:    ef8d4e6b20b0cf0d68713fb2f6069042
Sha1:   d62bb4b1a169c88879de3bd2f5c4292b6259a952
Sha256: 32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
                                        
                                            GET /rabo/login/icon_supercirkel_pijl.svg HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/login/www-extension.css
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 07 Jul 2022 01:19:42 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 1190
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1190
Md5:    346c13a73679fbb6ba87156774970309
Sha1:   dddc9c09b66ab02172214a6755117b16409a60cf
Sha256: c0a3bbe501ee2ef2c8bc2031667bdc41d3f4d19e1715317d6a9ef924b0d39323

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /rabo/home.php?pl=token&link=rabo.nl&bid=be45fa4141204120f7d25dd77038aae9&callback=jQuery321002990461669062594_1657156781594&data=%7B%22mes%22%3A%22User%20on%20Login%20page%22%7D&_=1657156781595 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   58
Md5:    6e7ac5e6ef630986a62bd38aa994c24f
Sha1:   d992fc91d50e2006a2f2c635ab6c0c39a654a31a
Sha256: 41725bafd91e4943ddcf5a7540e0546ceff774aff800bb5f6539cd4380871961
                                        
                                            GET /rabo/home.php?pl=token&link=rabo.nl&bid=be45fa4141204120f7d25dd77038aae9&callback=jQuery321002990461669062594_1657156781592&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1657156781593 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 07 Jul 2022 01:19:41 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   58
Md5:    fb1b4aba57035b84c41b7759e87c3bfe
Sha1:   9570d157d4aaee595e0e20f8b405b02f6380544b
Sha256: 3a00acf45cc747cb32d81fb39f7c25586e361aed82e57bab83a712aa079a8c4e
                                        
                                            GET /rabo/login/favicon.ico HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Thu, 07 Jul 2022 01:19:42 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 21:07:00 GMT
Accept-Ranges: bytes
Content-Length: 1406
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16\012- data
Size:   1406
Md5:    4868d321b600ed914dd5c80ccb4b0ac2
Sha1:   12ce924696555a23dd0fcb452722d6e4b2739d06
Sha256: c440ca4fab7deaaaf070f43183ad85b322b25dbaee7f781bb5a783e36372f66d
                                        
                                            GET /rabo/home.php?pl=token&link=rabo.nl&bid=be45fa4141204120f7d25dd77038aae9&callback=jQuery321002990461669062594_1657156781592&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1657156781596 HTTP/1.1 
Host: bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bankieren.rabobank.nl.online-identificatie.aulavirtualcecip.mx/rabo/a1b2c3/be45fa4141204120f7d25dd77038aae9/login/?
Cookie: real=OK; bid=be45fa4141204120f7d25dd77038aae9; lng=nl

                                         
                                         162.241.5.74
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 07 Jul 2022 01:19:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   58
Md5:    fb1b4aba57035b84c41b7759e87c3bfe
Sha1:   9570d157d4aaee595e0e20f8b405b02f6380544b
Sha256: 3a00acf45cc747cb32d81fb39f7c25586e361aed82e57bab83a712aa079a8c4e