Overview

URL www.web8515.web07.bero-webspace.de/Hernieuw-Scanner/
IP109.71.253.24
ASNSYNLINQ
Location Germany
Report completed2022-09-06 21:08:38 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-06 2 www.web8515.web07.bero-webspace.de/Hernieuw-Scanner/ Rabobank Nederland
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 www.web8515.web07.bero-webspace.de/Hernieuw-Scanner/ Phishing
2022-09-06 2 www.web8515.web07.bero-webspace.de/qsl/trans.gif?data=MzAwMTA9MTY2ZWM1Y2YwM (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.77.32
mnemonic passive DNS www.web8515.web07.bero-webspace.de (2) 0 2022-09-02 23:51:42 UTC 2022-09-06 12:24:03 UTC 109.71.253.24 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 35.161.231.36
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-06 08:08:24 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 14:05:23 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-06 12:27:00 UTC 93.184.220.29
mnemonic passive DNS bankieren.rabobank.nl (22) 58394 2016-09-14 12:05:31 UTC 2022-09-06 19:53:10 UTC 23.36.79.8


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 109.71.253.24

Date UQ / IDS / BL URL IP
2022-12-10 04:35:32 +0000
0 - 0 - 6 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:27 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:25 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 03:35:46 +0000
0 - 0 - 10 web9259.web07.bero-webspace.de/in/a1b2c3/48b7 (...) 109.71.253.24
2022-12-10 00:18:55 +0000
0 - 0 - 56 web9254.web07.bero-webspace.de/ 109.71.253.24

Last 5 reports on ASN: SYNLINQ

Date UQ / IDS / BL URL IP
2022-12-10 04:35:32 +0000
0 - 0 - 6 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:27 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:25 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 03:35:46 +0000
0 - 0 - 10 web9259.web07.bero-webspace.de/in/a1b2c3/48b7 (...) 109.71.253.24
2022-12-10 03:35:33 +0000
0 - 0 - 26 xn--kuferschutz-sabrina-gwb.de/customer_cente (...) 91.218.65.6

Last 5 reports on domain: bero-webspace.de

Date UQ / IDS / BL URL IP
2022-12-10 04:35:32 +0000
0 - 0 - 6 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:27 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 04:09:25 +0000
0 - 0 - 4 web9254.web07.bero-webspace.de/a1b2c3/ee66907 (...) 109.71.253.24
2022-12-10 03:35:46 +0000
0 - 0 - 10 web9259.web07.bero-webspace.de/in/a1b2c3/48b7 (...) 109.71.253.24
2022-12-10 00:18:55 +0000
0 - 0 - 56 web9254.web07.bero-webspace.de/ 109.71.253.24

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-21 21:14:58 +0000
0 - 0 - 6 pxlme.me/w9Orjz1_ 51.15.139.10
2022-09-06 10:08:39 +0000
0 - 0 - 6 pxlme.me/w9Orjz1_ 51.15.139.10
2022-09-06 09:22:17 +0000
0 - 0 - 3 21464-3997.s3.webspace.re/Bskahaug/ 91.218.65.6
2022-09-05 14:51:43 +0000
0 - 0 - 3 pxlme.me/w9Orjz1_ 51.15.139.10
2022-09-03 15:34:27 +0000
0 - 0 - 7 rabobank.web8481.web07.bero-webspace.de/liam/ 109.71.253.24


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (48)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 21:04:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: l61W6p2pzrTaiLAqOWR1uE7_4KOmVLY1Cxewaqcj4DiU-s_aMEJbew==
Age: 240


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3192
Expires: Tue, 06 Sep 2022 22:01:39 GMT
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CA_Z9ldYJJ2gxDSriJTXpMWsfgSkCn6wWXKCS8aDxxex8N66dNvYkw==
age: 71590
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "185E0FC28993CB824EE1E82D16CE95CE5A410B0AB887FB2486FFBD564056D4A8"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Sep 2022 03:08:27 GMT
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 21:08:27 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /Hernieuw-Scanner/ HTTP/1.1 
Host: www.web8515.web07.bero-webspace.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         109.71.253.24
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Sep 2022 21:08:27 GMT
content-length: 2716
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=qc857d65r0upkioke9ftngibo9; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (417), with CRLF line terminators
Size:   2716
Md5:    46cf89ea8af3a533dec59dde1019486e
Sha1:   6aa32f94aa7f1995755297b71d7efb665aca8dd8
Sha256: 125541c3f019b4f85313d701674538498db4d6aebd31e13331efc03afaa93042

Alerts:
  Blocklists:
    - openphish: Rabobank Nederland
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5778
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:27 GMT
Last-Modified: Tue, 06 Sep 2022 19:32:10 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4367
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:27 GMT
Last-Modified: Tue, 06 Sep 2022 19:55:40 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1596
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:27 GMT
Last-Modified: Tue, 06 Sep 2022 20:41:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2674
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:27 GMT
Last-Modified: Tue, 06 Sep 2022 20:23:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3589
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:27 GMT
Last-Modified: Tue, 06 Sep 2022 20:08:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /klanten/static/generic/font/myriad/default.css HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache
Last-Modified: Fri, 20 Apr 2018 10:42:30 GMT
ETag: "e06-56a455848b180"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1256
Cache-Control: public, max-age=17136841
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (400)
Size:   1256
Md5:    c0212b5984053592cf8d069859b64425
Sha1:   20df045597b03679f0d5bc03e162a7f60f6e8a1d
Sha256: bb40dc1fba164f39acbfae5661a22acaa2376a78ef7a0ec82fe7e29b07522118
                                        
                                            GET /rabo/sam/javascript/brwfunc.js HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Apache
Last-Modified: Thu, 24 Mar 2022 07:38:51 GMT
ETag: "4206-5daf1eff3642f"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5991
Cache-Control: public, max-age=3402
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (16901)
Size:   5991
Md5:    9473d5243b5c7be8bf4cac5357631164
Sha1:   d0b37281e72ffa72eb94b2a5a172e7f3648e6882
Sha256: 70f040c4661a53ead1182ef8703a74d737d46dd2d02ad6399342eb636dc1e760
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/rass-proto.css HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "1f448-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 83175
Cache-Control: public, max-age=4363
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (30865), with CRLF line terminators
Size:   83175
Md5:    ebd421b628d49a39f07b88e388089565
Sha1:   b9ff6c7f9c94ee9ef891dc7b0ecbb7a4fce826f1
Sha256: e12c24f9605bbebea4074939bb82aed9071aa94ba8fd5d63eb91a078f0f5b329
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/www-extension.css HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "72cd-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5247
Cache-Control: public, max-age=5967
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (440), with CRLF line terminators
Size:   5247
Md5:    5e10f74a33f68ae39d23d235322cd8a7
Sha1:   d2ff17bcd5df338326f358f17a70adf1d7e2115e
Sha256: e49a2fb876b874811cf72c211bc538f1b28b6b7de1c050a73c07923e54e8efd3
                                        
                                            GET /rabo/sam/vrs1112/newdesign/scripts/device.min.js HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "ce2-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1147
Cache-Control: public, max-age=4286
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (3272), with CRLF line terminators
Size:   1147
Md5:    5dedea95b50cf4c8f41c9c56a727d0ef
Sha1:   a0e2ba5f5f32ed829f507d30671bd78fa1c611b7
Sha256: 4097761f67b2d2ec736bf3158660670356e206023602eed87391e4a549c9716f
                                        
                                            GET /rabo/sam/javascript/x12.js HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Apache
Last-Modified: Tue, 06 Oct 2015 11:12:18 GMT
ETag: "ab17-5216db3f6c880"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12619
Cache-Control: public, max-age=3359
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (43786)
Size:   12619
Md5:    3a9a8383afb0a80cc635b58e1bbc0bac
Sha1:   d0deec5a8efd8a5343cc23758141f82e47c80a82
Sha256: 22b029014f872cfd170dd59abc8dba288bbec7d2edbf148415900d1635090103
                                        
                                            GET /rabo/sam/vrs1112/newdesign/scripts/rass-proto.js HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "f595-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12798
Cache-Control: public, max-age=3387
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  ASCII text, with very long lines (2050), with CRLF line terminators
Size:   12798
Md5:    97dfc08fa56609497e08db74e4d7f489
Sha1:   a929a831ba9089f7fa4ee2ae13aabf1b6f128305
Sha256: 762337db78b08aa416d1d675205886956b0223d14124acf79a080a92b31e241f
                                        
                                            GET /rabo/sam/vrs1112/newdesign/images/grayed-out-vc-nl.png HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "6cff-53c4f47308b80"
Accept-Ranges: bytes
Content-Length: 27903
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=1337769
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  PNG image data, 315 x 315, 8-bit/color RGBA, non-interlaced\012- data
Size:   27903
Md5:    4f1bd86cc1c35dae0b5935a8af0183ae
Sha1:   f24c9da9531fe5263e6d7927fcd342aa392e2d02
Sha256: fe748922f0098bbdadddfbf0db28277e7ba4021d13d9a7f607bb7a2ec16863f2
                                        
                                            GET /rabo/sam/vrs1112/newdesign/images/rabobank_logo.png HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "3f53-53c4f47308b80"
Accept-Ranges: bytes
Content-Length: 16211
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=986131
Date: Tue, 06 Sep 2022 21:08:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  PNG image data, 124 x 148, 8-bit/color RGBA, non-interlaced\012- data
Size:   16211
Md5:    1bee5d325e70973c5f039c4fb77c7a88
Sha1:   0bb44029de6e6c38a8f2612251cdcaf8d5a50cac
Sha256: 03caeff0f4235241611956eeb18dcbfabb8b67083208f00a0b0f92fbff9b28bd
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/itje_16x16_new.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "5cb-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 780
Cache-Control: public, max-age=1249974
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   780
Md5:    0cf1abed2b4f1797a22368c2b2ed1915
Sha1:   802c4a6710c9db4453dc3154eb74dfe62b966593
Sha256: 344788bb0eee9bcf9bb0064d002e087de731ccb4b4522bb3e71abf00bd35c86a
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/checkbox_off.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "bc3-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 770
Cache-Control: public, max-age=1250175
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   770
Md5:    bd7c8a904d0fe9b2ff20746ed573bfdd
Sha1:   8be0720cc888d50020b4193f8568fee8376d31cf
Sha256: 9076f0b99e9dd3e3cd3988265c9cf464e0c5a38bfd1957690f1b9ed7fa3adb19
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/icon_supercirkel_kruisje.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "504-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 681
Cache-Control: public, max-age=1250067
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   681
Md5:    d440de0749473fbbbbb45a1fb66c30cf
Sha1:   244f366c273f74dc4ff331c7eb4ab7af9cd5707f
Sha256: a2fdafc77b24745ffa93204c04bbdb7c44fd4d854e6193f4c5daee6e3d13e56d
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/icon_supercirkel_vraagteken.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "54f-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 736
Cache-Control: public, max-age=1337778
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   736
Md5:    5459bf123028afb5d8b6546ea183e804
Sha1:   123ca17ab5bc332dc250e71c39b334a1f0ce0f04
Sha256: fd48c33153cf5bdeabfb1c72f7785693b4a2d906aa71c35fb3b8535836f946ff
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/icon_supercirkel_pijl_wh.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "490-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 636
Cache-Control: public, max-age=1250018
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   636
Md5:    40cb6da55377855ee18bf60596a4b877
Sha1:   ca9ff45cae89a93518ff833a9ef3b2cd1e285bf0
Sha256: bd9df0304fdbd55957fc405e1e831d67725ae1337cb69951a64fb35db68a1e82
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/icon_supercirkel_pijl.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "4a6-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 648
Cache-Control: public, max-age=2075449
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   648
Md5:    d3aa64ac52e44db19c57fff4e97affcb
Sha1:   b197293e4bbc222c56401cdc6541f48b785a8250
Sha256: 88ffaf5196f5d049805054f8d14a01674258f69026b8111ece0c266a58e9efaf
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/icon_supercirkel_pijl_bl.svg HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "4a6-53c4f47308b80"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 651
Cache-Control: public, max-age=1250092
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   651
Md5:    173f5d48fbc2a02abde95980179b6aef
Sha1:   b0c1dc150513ed0c0c136558431c2d03d7ec47de
Sha256: cca0406f08ed87c4a8675688815b6d4388f1d3c7a40f9b9b9856e76e0ae9f43a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 20:38:18 GMT
Expires: Tue, 06 Sep 2022 20:44:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WF32nJtDo7SAuf80K3knGZYNXjv2ZNYtEzJvn_Rcas3erIZP5VccBw==
Age: 1810


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /klanten/static/generic/font/myriad/fonts/2cc3ff2f-19fe-458d-99da-2fb1acb43d81.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.web8515.web07.bero-webspace.de
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: Apache
Last-Modified: Fri, 20 Apr 2018 10:42:30 GMT
ETag: "41fc-56a455848b180"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Cache-Control: public, max-age=16669717
Date: Tue, 06 Sep 2022 21:08:28 GMT
Content-Length: 16892
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Set-Cookie: ak_bmsc=4D2C7C329AAF290FE756B51D70584322~000000000000000000000000000000~YAAQBE8kF5SsPQCDAQAARQ2iFBEN6n+X87od914n+EYtAEzMZdk9joYJhUKLPVHzWuimBuPlseIArZggwGD7O/xsuA0kJw4vAn+d4DwVJqSVmF9h3S3zd5HwE9SprpCuWCR/6cDX/x4txb1lImpLH0iW5CXm698sx1XovaBD3b74bwPRViKlbrkUGBywckrD1jHGa2WCi0RVtKo8h74GGpFgHIvRzvlwvAMjDUylMlI9iyzmvNUcrkhPUgu+PjRP2H3KSUjWyU55EgElRHSaT3QSev8nmmXqwHKBwW5YbVXwdC7GEckcJ24LgbVyVUr5UCH/d4I+VxatAMI160Jox+JjsPKJko3OK64BiJLrXHmgiluGTToJb4s7mjEciy2a; Domain=.rabobank.nl; Path=/; Expires=Tue, 06 Sep 2022 23:08:28 GMT; Max-Age=7200; HttpOnly


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16892, version 1.0\012- data
Size:   16892
Md5:    212751b9e5bc3a017435a492d06bd368
Sha1:   bed1e9e4aa6dc4bd6bd2166faeeda4ac6f2afa1a
Sha256: 9978c7504f5d95149404fe19bfaed705f60cf3dacba5b2b1b6548d52a88c1e55
                                        
                                            GET /klanten/static/generic/font/myriad/fonts/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.web8515.web07.bero-webspace.de
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
                                        
Server: Apache
Last-Modified: Fri, 20 Apr 2018 10:42:30 GMT
ETag: "3ff8-56a455848b180"
Accept-Ranges: bytes
Content-Length: 16376
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=23903992
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16376, version 1.0\012- data
Size:   16376
Md5:    66cc04b61a823c9138869b61b173f21d
Sha1:   7608f8d3ef9e55e0f8284a923dc33bfd961f95b6
Sha256: 49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
                                        
                                            GET /klanten/static/generic/font/myriad/fonts/e7e30ff2-3a95-49b0-bbf9-024f40ead426.woff2 HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.web8515.web07.bero-webspace.de
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: Apache
Last-Modified: Fri, 20 Apr 2018 10:42:30 GMT
ETag: "3fc0-56a455848b180"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Cache-Control: public, max-age=16667713
Date: Tue, 06 Sep 2022 21:08:28 GMT
Content-Length: 16320
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Set-Cookie: ak_bmsc=5ED0D724681ED6112072C17D2B2B6198~000000000000000000000000000000~YAAQBE8kF5WsPQCDAQAASA2iFBEnlIKGSI0o5cZPVfb1hTOTb1995UDsJkCW46K/Oltz8KM9GecptqlqWs8RY1dwO81WLQCIJER7cESzlpTvnX4hH14I5OeVF9Kqhc4vpolVPpq6E4uuD8cmck/hqWfNhiqtcPYupxKVG8QTgFavhly2Sgjvh0Nx22AszpN49uKq2eTyQBxXblHjRHiAEzBPFKADcuGQxOd++LE3D8zRqOpFqmgkXbcudjPUxdAuh/Az8vI9ErzRJIkcXk2PazXgmfQ3cZJqn5r6QaW5RQ32xgWm0MRgLkzT8Hu+ndYuVYHLaLlFRI0Y7kPFdMUIOhdflAkMhulMa6VCBKEE2Dy4NGP3hwRkLPj80idHZfLE; Domain=.rabobank.nl; Path=/; Expires=Tue, 06 Sep 2022 23:08:28 GMT; Max-Age=7200; HttpOnly


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16320, version 1.0\012- data
Size:   16320
Md5:    47b3825e14034fd0e9206d452e0a8495
Sha1:   d2efad8ee1d0a4464733d9255feb67b52652767f
Sha256: bfcfea39ebd070e042356af77c4bc16b6170f2106744f1173c15c1fa1a243cce
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/senses14_bg.png HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "26f60-53c4f47308b80"
Accept-Ranges: bytes
Content-Length: 159584
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=1270146
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  PNG image data, 476 x 476, 8-bit/color RGB, non-interlaced\012- data
Size:   159584
Md5:    210745ecf0c24514ef8653ac5d7989c0
Sha1:   7afdaf757d478b446b035dd170756280a1d1dcef
Sha256: 1987096264228c09ca06e68b0458d3610475e44e5720ef2dfefed25f1ffcc8d5
                                        
                                            GET /rabo/sam/vrs1112/newdesign/css/images/rabo-scanner-retina.png HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bankieren.rabobank.nl/rabo/sam/vrs1112/newdesign/css/www-extension.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:38 GMT
ETag: "52f9a-53c4f47308b80"
Accept-Ranges: bytes
Content-Length: 339866
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=1250080
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  PNG image data, 470 x 801, 8-bit/color RGBA, non-interlaced\012- data
Size:   339866
Md5:    24da47fc963b947e514ed702f72d1c43
Sha1:   57c8dc2fc80ad677ad2ee6fbce56e690c589a83a
Sha256: 007d20712baac3fe5b80e9a8aa7099e8cacb18502b780102def21802586e1bb9
                                        
                                            GET /rabo/sam/vrs1112/images/favicon.ico HTTP/1.1 
Host: bankieren.rabobank.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Apache
Last-Modified: Mon, 12 Sep 2016 13:14:36 GMT
ETag: "57e-53c4f47120700"
Accept-Ranges: bytes
Content-Length: 1406
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=1250141
Date: Tue, 06 Sep 2022 21:08:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16\012- data
Size:   1406
Md5:    4868d321b600ed914dd5c80ccb4b0ac2
Sha1:   12ce924696555a23dd0fcb452722d6e4b2739d06
Sha256: c440ca4fab7deaaaf070f43183ad85b322b25dbaee7f781bb5a783e36372f66d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6141
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 21:08:28 GMT
Last-Modified: Tue, 06 Sep 2022 19:26:08 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eA97KsbUfHcTE1Vzs843Lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.231.36
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tsvn/niMrAi0Y2w/iOvttBw3j0s=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 21:08:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 21:08:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 21:08:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 21:08:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 21:08:29 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 83309
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5775
Md5:    1a87857b93f99eab3118aae97a1c9d22
Sha1:   3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
Sha256: 97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 84023
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 48424
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8134
Md5:    5540d72831e7e7b9fc287f92c48d9f5e
Sha1:   ec19429fa76d9ad47a0578734b011b530b79ebbf
Sha256: bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
age: 82238
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7855
Md5:    8c23179b2131543088771e3fa84ff231
Sha1:   ae50ae4aecd962b698c19f2863857b51cea7fcec
Sha256: 660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 84167
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 59497
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            GET /qsl/trans.gif?data=MzAwMTA9MTY2ZWM1Y2YwMzE4NDNlMDhjMjhjNTE3Mjk5NTk3MDRfMTQ2MDQ0MzE5OTM4MiY0MDAyMD0lMkZIZXJuaWV1dy1TY2FubmVyJTJGJjQwMDMwPTEyODAmNDAwNDA9OTM5JjQwMDUwPTEyODAmNDAwNjA9MTAyNCY0MDA3MD1OZXRzY2FwZSY0MDA4MD1mYWxzZSY0MDA5MD1Nb3ppbGxhJjIwMTAwPTIzMCY0MDExMD04NTImNDAxMjA9NS4wJTIwKFgxMSkmMjAxMzA9MTAxNjgmMjAxNDA9MTY2JjQwMTUwPUxpbnV4JTIweDg2XzY0JjQwMTYwPU1vemlsbGElMkY1LjAlMjAoWDExJTNCJTIwTGludXglMjB4ODZfNjQlM0IlMjBydiUzQTk2LjApJTIwR2Vja28lMkYyMDEwMDEwMSUyMEZpcmVmb3glMkY5Ni4wJjQwMTcwPXRydWUmNDAyMDA9MDBWTTEyNVcxOTAxWDFNNjlXMTkwQTJWMTY3VjE5MDNYQzEyNVYxOTBFNFgxNjlXMTkwNVUxRzY3VzE5MDZYQTEyNVkxOTA3VjFFNjlVMTkwOFcxQzY3VTE5MDlSWDE0NFgxNzEwWDFENDRXMTcxMVUxSDQ0VTE3JjIwMjEwPSYzMDIyMD1UdWUlMjBTZXAlMjAwNiUyMDIwMjIlMjAyMSUzQTA4JTNBMjIlMjBHTVQlMkIwMDAwJTIwKENvb3JkaW5hdGVkJTIwVW5pdmVyc2FsJTIwVGltZSkmMjAyMzA9RmFsc2UmNDAyNTA9VE9ETyY0MDI2MD1lbi1VUyYyMDI3MD1odHRwcyUzQSUyRiUyRmJhbmtpZXJlbi5yYWJvYmFuay5ubCUyRnJhYm8lMkZzYW0lMkZ2cnMxMTEyJTJGbmV3ZGVzaWduJTJGaW1hZ2VzJTJGcmFib2JhbmtfbG9nby5wbmd8MHwwfDAmMjAyNzA9aHR0cHMlM0ElMkYlMkZiYW5raWVyZW4ucmFib2JhbmsubmwlMkZyYWJvJTJGc2FtJTJGdnJzMTExMiUyRm5ld2Rlc2lnbiUyRmltYWdlcyUyRmdyYXllZC1vdXQtdmMtbmwucG5nfDI1MHwyNTB8MCY0MDI4MD0wJjMwMjkwPTImNDAzMDA9dW5rbm93biY5OTMyMD1mYWxzZSYyMDMxMD1odHRwcyUzQSY0MDMzMD11bmtub3duJjIwMzUwPSUxMCUxNiUyMyUzQ24lMDYqJTFGJyUwNSUyRjYlM0EtJTI1JTA1KSUxRSUyNCElMkIhZEZiJTI1JTIwMSEtJTI1JTA1KSYzMDM2MD0xJjIwMzcwPXNFJjIwMzgwPXBGJTNEYzIlN0YmMjAzOTA9JTExJTE0KDcyfnIlNUQnJTE0dDAoJTdGd1p6Q3I2fncnWXolMTR0YnklN0QlN0RSd052Y3olMTB1X3RHdWclN0R+JTdEUnFPcyUyRiUzRCUwNzYlMkMnJTE1MyUxMCUyNiUyNDglMEQlMjMlMUIyNjIlMEUxJTFGKiUzRSUyNSUyRjIlMEUxJTFGKjUxMiUzRCUwMTYlMTclM0UlMUIlMjAlM0QpJTNBJTI1JTBDJyUwQiUyRiUzRjIlMUMnJTAyJTI2JTBCcGV4KiclNUUhJTExcSU2MCU3RndwWCdHeTAlN0N3JyU1RXMlNDBzand6JTdEJTVDckMlMUVienl0X3ZEcGp3JTdDJTdDWSUzRSUwNygwJTNEKiclMTcxJTE0JTIwJTNEJTNFJTI2JyUxNyclMTklMjV+JTNFJTNEISUwRCUyQiUwRiUzRCUxRCUwMk9ESyUxMDYlMDMlMUNuJTdGOCo3JTAzKSUxQSozOCo3JTAzKSUxMSUzRS43JTI1MCUwQiUzRCUyMCUwNiUzRCUwMyUwRSUyMCUwNSUwMiUzQiUyNTMlMkIlMDUlM0UlMDMlMjIlM0MlMjIlMjA2JTA4LSUxMyUyNCUyRiUwNSUyMyElMUUwJTE0LjclMkJvJTJCJTFCKiUxNi02JTIwMyUwNSUxRTYlMUYlMDI3MjM3JTFFJTIwJTFBKCcyJTA2KiUwNy0lMTAlMjY2JTIwMyclMEElMkMlMTQlMjQlM0YyJTBFKiUwNTclMUIlMjQhJTJCITg4ISUxRSUyNSUyRiU3RnlyJTBFIUIlMjI1fiU3Q3VTdkQlMjRjdiUyQ3ZTIUJwZCU3Q3YlN0QlNUUlN0IlNDBxZyUxMX5wJTVEckN1JTYwJTdGdiU3RFh6RSUzRCUyMCUwNiUzRCUwMyUwRSUyMCUwNSUwMiUzQiUyNTMlMjIlMEEuJTA0JTI0JTJGJTBGJTNBMCUwMyUwQiUxMyUzRCUyRiUwRiUzQTAlMDMlMDAlMDclMjAlMjAlMDAlM0Q4JTE3ISUwMyUyNDclMUMqJTI1JTBGJyUwNSUzRCElM0MzLSUxRiElMUYzNiUyRiUyQiElMTklM0UlM0UlMkYlM0YhKCUyMyUwRSUyQ1clMkM2JTNBbyUxNiUwQSUyQyUxMy4lM0VuJTFEISUwQSUyNiUxMjMlMkYmMjA0MDA9c0F3YXp2JTdDJTVFckVxY34mMjA0MTA9Jjk5NDIwPUJ3QVNOT0RrJjEwNDMwPQ== HTTP/1.1 
Host: www.web8515.web07.bero-webspace.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.web8515.web07.bero-webspace.de/Hernieuw-Scanner/
Cookie: PHPSESSID=qc857d65r0upkioke9ftngibo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         109.71.253.24
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Tue, 06 Sep 2022 21:08:28 GMT
last-modified: Fri, 02 Sep 2022 23:27:26 GMT
etag: W/"328-5e7ba12aaf55b"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing