firefox.settings.services.mozilla.com/v1/
18.164.68.8200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 03:05:28 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: sNtd8Vi2LbLd9k8Y7FgKa-nxUXZwBZ0WkqQxB8iFJiXcmV4CPb_nvQ==
Age: 2066
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7672
Expires: Sat, 24 Sep 2022 05:47:46 GMT
Date: Sat, 24 Sep 2022 03:39:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f793ce54a443ce6e9ca85f518dd4fd36.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: D598foappPHnlu5FCJ6XI55kOrAMOJ70atgJVGjvoayMHUgYoFncMg==
age: 84412
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 03:39:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
216.58.211.10200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 216.58.211.10:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 13:11:40 GMT
expires: Tue, 19 Sep 2023 13:11:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 397695
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bmemberservicexxxx1ax.syno-ds.de/
210.16.120.193200 OK 18 kB URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash d4aa5f3e562ad499450052e1d766198b
a7d2fc3d7bdd68311c0e82926a42d3089b5f9cc7
1049bac5a8ffd83593e814b6a5083f4386db805091fcec6580280d7d047791d6
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET / HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 03:39:54 GMT
Content-Type: text/html
Content-Length: 18394
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:56:15 GMT
ETag: "fc55-5e8abdfce221d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css
216.58.211.10200 OK 5.9 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css
IP 216.58.211.10:0
File type ASCII text, with very long lines (551)
Hash 521def403dde2402c6d867185ab41ac6
128490143795bd6d557b6c6bd463c2973b1862ce
16c80f377bbb572eff07ce4b202463d39073e31e4c327edaf898de923b2034c0
GET /ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5918
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 12:36:23 GMT
expires: Fri, 22 Sep 2023 12:36:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 140612
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
216.58.211.10200 OK 52 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (563)
Hash 0fd0e04fe62ff281d2dd5a94ced9e11f
0fc9632b823fd5c782ab106fc2ef9715130e2822
2e19c9038a7939b50ac6beca5801c3d8d8c6ac506fb397300276a8d1127d35d5
GET /ajax/libs/jqueryui/1.8.16/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 52222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 03:03:09 GMT
expires: Tue, 19 Sep 2023 03:03:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 434206
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 812 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 9e37994c072337184f0669fb366fbfd1
1be44c1c1c2ab538ce1af5361122a1f13271085e
a7a4770c9bf5727046a62b135b1fdd4e371ccde35dd6555727642928ec943146
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/spin.min.js
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/spin.min.js
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /NBO/assets/js/spin.min.js HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aa58ca16387e8f05dd9fbf268dd7a748
024b9be8676598e2eba669d56f152983f67eecb2
2cab1c2148538cff208d26e26bd8b761adc3591c3ed1dc7549836a1dc624c740
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Last-Modified: Sat, 24 Sep 2022 02:12:38 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aa58ca16387e8f05dd9fbf268dd7a748
024b9be8676598e2eba669d56f152983f67eecb2
2cab1c2148538cff208d26e26bd8b761adc3591c3ed1dc7549836a1dc624c740
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Last-Modified: Sat, 24 Sep 2022 01:50:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aa58ca16387e8f05dd9fbf268dd7a748
024b9be8676598e2eba669d56f152983f67eecb2
2cab1c2148538cff208d26e26bd8b761adc3591c3ed1dc7549836a1dc624c740
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Last-Modified: Sat, 24 Sep 2022 02:28:44 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.8200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 03:20:46 GMT
Expires: Sat, 24 Sep 2022 03:33:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9f698c14e6527accab310c26bfca2030.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: UbcgfR8Lxc8RgoBO5J1xIWGQ_EqC3iIznJziIAZqZP5SfPC4OmlIgA==
Age: 1149
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
GET /NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
GET /NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Last-Modified: Sat, 24 Sep 2022 02:07:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe68d6ef0b2caf455727ac79f847d28e
127f1c95552a42351003396dbbf8506da4a199a1
aa0a92bddfbb6600edbf65d5195d34c3981ebb44c9e86363572b204631dbcbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Server: ECS (amb/6B7E)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe68d6ef0b2caf455727ac79f847d28e
127f1c95552a42351003396dbbf8506da4a199a1
aa0a92bddfbb6600edbf65d5195d34c3981ebb44c9e86363572b204631dbcbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Server: ECS (amb/6BA2)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe68d6ef0b2caf455727ac79f847d28e
127f1c95552a42351003396dbbf8506da4a199a1
aa0a92bddfbb6600edbf65d5195d34c3981ebb44c9e86363572b204631dbcbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Server: ECS (amb/6BB9)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe68d6ef0b2caf455727ac79f847d28e
127f1c95552a42351003396dbbf8506da4a199a1
aa0a92bddfbb6600edbf65d5195d34c3981ebb44c9e86363572b204631dbcbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:55 GMT
Server: ECS (amb/6B88)
Content-Length: 471
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
GET /NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
www.rbfcu.org/NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 1.2 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
Hash a025ce93659c13ee48c102c1bf6904c1
d5acabdaf052c03026edb9328aa20dd6849f284a
54b251089798d44616b8255e9e64b535cbe97f7bb1f2d070a9175e2b11747e0d
GET /NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 45452
Date: Fri, 23 Sep 2022 15:02:24 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA4
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!6gUpCF/uwgk4TuhAkMUA10oZ0F/2r0qsf8pEB6xXwgspcttjmSpCvjkGpblPLWdbtEJSLWr/oL7/wgs=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 114 B URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type ASCII text, with CRLF line terminators
Hash 29ff40f45cf15e206cf0e07f9101209b
ccb83f746066dcda98f90e8aafb5abc67338c07a
9b4694e3039b77de3a1fb1abba77bd96809ce43234b1cef398178ed9f54a9bf7
GET /NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 45453
Date: Fri, 23 Sep 2022 15:02:23 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS3
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!wB5lMA9/Uz6itT1AkMUA10oZ0F/2r/yPmdevAiRiOFmSRHfvOPyOtiz+K4gHw/9L2udGzL8jWCPDdTA=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gszPM7EMQoiywDHEE4qaQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PClwQzeDCD/AGpNhzBkA++A/5LI=
www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 14 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type assembler source, ASCII text, with very long lines (325), with CRLF line terminators
Hash 5e1b6d02febad06c3c474b7ccf3242db
087c1fe6f79b7f551c2add530aa83883aa3a3032
a4953551f043d2fefd1256393b824cbd1003abe746db1e1accd99dfc23d83a6e
GET /NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 32780
Date: Fri, 23 Sep 2022 18:33:38 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Wed, 29 Jun 2022 19:51:42 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA4
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!EkLkRwpaoGsvU29AkMUA10oZ0F/2r3KuFwRGLM6B8wsY8l19lF4cceGc3tpmAUZnJepQ5gq3PwGhMCg=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 2.5 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type assembler source, ASCII text
Hash a0348d40f20ccc40608c8c958ed3e67c
525043a9496f6d35e33a1a71d3b6f52ec0d135c2
98e577dff603acbe3df7e2a3ce161741765d4e8b231b7697f234212fcd232a01
GET /NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 32776
Date: Fri, 23 Sep 2022 18:33:42 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Wed, 29 Jun 2022 19:51:44 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!5bS0U4uzbK5DIqZAkMUA10oZ0F/2r3SJ5C8Nlz1lY0hMSlAoQCvyNsDSlmnTdRtypmLpNjoz5l1H+DQ=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/general.css?upd=542
107.162.179.221200 OK 6.5 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/general.css?upd=542
IP 107.162.179.221:0
File type ASCII text, with CRLF line terminators
Hash 48b47cc184f61d806d091bbedae7ccce
9ffe793d27fb10767fa7ddfa0a82bd69c5f1303e
3255ad265adc75929c18b555825cb458594c0d0bca532d89066da02493ef5865
GET /NBO/assets/css/general.css?upd=542 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23026
Date: Fri, 23 Sep 2022 21:16:11 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/forms.css?upd=543
107.162.179.221200 OK 4.2 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/forms.css?upd=543
IP 107.162.179.221:0
File type ASCII text, with CRLF, LF line terminators
Hash ac36970b94097b0a6b87df3e4038543b
aac09d9010d9768003219df73bd4cd4cc75a9ef0
644219a983b0aac11b275194773b7c28305a91bc30e8619ef2eaebf67c4472f9
GET /NBO/assets/css/forms.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23026
Date: Fri, 23 Sep 2022 21:16:11 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/tables.css?upd=543
107.162.179.221200 OK 4.4 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/tables.css?upd=543
IP 107.162.179.221:0
Hash 6f30d2dfb9334b803a64115a09ee0514
66c634f6fc09438ed972b8c3460a5466bf1d19ae
5f7fa404b4cb0dd5be95312360acb646b9b1d194a38e821bc15992db847a4505
GET /NBO/assets/css/tables.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23026
Date: Fri, 23 Sep 2022 21:16:12 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
GET /NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
www.rbfcu.org/NBO/assets/css/print.css?upd=543
107.162.179.221200 OK 876 B URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/print.css?upd=543
IP 107.162.179.221:0
Hash fb0070d0acdc7f98ec86305f286d863b
cad50ba27361167699186ce9a2c20ecf1cf16fed
becb7ab334081cde0535c42c199eaf539e15ff8e7e8fa62823644b05032f09c2
GET /NBO/assets/css/print.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23026
Date: Fri, 23 Sep 2022 21:16:12 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:14 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/colors.css?upd=543
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/colors.css?upd=543
IP 107.162.179.221:0
Hash df3996f8f9f4dfd4130ed12d34ba9949
6513e274dfb205cf38a2e66c5fe4a96bb39335e6
9f574443d1b4af964d23411e63f9170aede32bf4770dee8793053d0408df3717
GET /NBO/assets/css/colors.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23027
Date: Fri, 23 Sep 2022 21:16:11 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!K8TFJqoo7LkuDJ5AkMUA10oZ0F/2r6r6zI+p+Mis+J+HNofdZwNMuvcp26uozhdreWxHhayYV6Oe9/s=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/font-awesome.min.css?upd=543
107.162.179.221200 OK 9.1 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/font-awesome.min.css?upd=543
IP 107.162.179.221:0
File type ASCII text, with very long lines (30837)
Hash 7070c2d3f692c558490a79402e8b0dbf
5b3ece0d2d5eb3c5391922afb21cf27760b7c174
70983587cdbda3b737fb3d60ba242143460564e032abddd789ba386f76213eb0
GET /NBO/assets/css/font-awesome.min.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 23027
Date: Fri, 23 Sep 2022 21:16:11 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!FG/MerUMEKr62gVAkMUA10oZ0F/2ryqbB8sH7nVFwbNWWavsSfripAk8WMmWoG0mKh8GfAjGNvH/hLA=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
172.217.21.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
IP 172.217.21.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 33d4d393398b5bb2e6542ec3c6db8414
7fdd5381c4b5ad32147fe6e27480f15a1b73f76c
e1f1c6537cc1dc1833d6bdaae1e37d22b6c94613ab8826520bd3c1dff0571ccf
GET /gtm.js?id=GTM-5B5PGN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 24 Sep 2022 03:39:56 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bmemberservicexxxx1ax.syno-ds.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:39 GMT
expires: Tue, 19 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 377177
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bmemberservicexxxx1ax.syno-ds.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 201948
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rbfcu.org/NBO/assets/img/redesign-icons/locate-branch-orange.svg
107.162.179.221200 OK 1.8 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/locate-branch-orange.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (709)
Hash 13b566dce2613be3e009ffb5e247f2a9
27d576b054500fc6e1d3687524f31198bba198a9
0658dde45a3100670a452f32dc2eef8ab127ea26bae103c34c0b7b3d743f0a4f
GET /NBO/assets/img/redesign-icons/locate-branch-orange.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22862
Date: Fri, 23 Sep 2022 21:18:56 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Length: 1809
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/EHL-logo-gray.svg
107.162.179.221200 OK 1.6 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/EHL-logo-gray.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (364)
Hash 4c3e76f3539f8138ce127058adda3f16
3d24cf4b8ac04557b1cb49ba5200e06513bc5136
8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152
GET /NBO/assets/img/redesign-icons/EHL-logo-gray.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22931
Date: Fri, 23 Sep 2022 21:17:47 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 1613
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/white-phone-header.svg
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/white-phone-header.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (845)
Hash 4a066fd87a48426d8cf5d81f2f1e7622
bc25e0aaa78aa736100d278b1a4beb5fa46db78b
2c0b8abef50020a91c0b8f07a8478c65eea5bd77446467b9a44ae1b1d98828b7
GET /NBO/assets/img/redesign-icons/white-phone-header.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22931
Date: Fri, 23 Sep 2022 21:17:48 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Length: 1653
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/send-reg-mail-olive.svg
107.162.179.221200 OK 6.8 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/send-reg-mail-olive.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4432)
Hash 9929514c11d33bfe2a6799469f364d86
de2d9b60c8e7d9280b6e651e0083ccce21b3576b
4e2bff0068e8833892e2a07e86e168f9ce05b57bb0820ae9b67b7802781704b1
GET /NBO/assets/img/redesign-icons/send-reg-mail-olive.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 45451
Date: Fri, 23 Sep 2022 15:02:26 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 6764
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/rbfcu-logo.svg
107.162.179.221200 OK 5.4 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/rbfcu-logo.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5383), with no line terminators
Hash 2d436455d162d3e00f0ca92055cef754
5b64a30fd987d469bd818fc8ed6a4ed89b873d02
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
GET /NBO/assets/img/redesign-icons/rbfcu-logo.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22931
Date: Fri, 23 Sep 2022 21:17:48 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Length: 5383
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/gray-phone-footer.svg
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/gray-phone-footer.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (845)
Hash cb033ded6c1f2f925259cc1d79c1c386
393c06fb6736af1a32e122feba480012716ecaf6
ae9a2a53c52aa5ee5f447598cfd3dc771459349e9bbb2f1f82a9d1d875246d74
GET /NBO/assets/img/redesign-icons/gray-phone-footer.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22863
Date: Fri, 23 Sep 2022 21:18:56 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 1653
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
172.217.21.168200 OK 84 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
IP 172.217.21.168:0
File type Unicode text, UTF-8 text, with very long lines (44551)
Hash 1aee68697da18efb9a99fcd722b1d1b2
4fd552106d3759df5cd2ba49e3cfc42f52b3ddb0
ce3837f48691ccb0671b1d2ff54cad58d7ddbbe5305cf7740f2206e1a0b24cf7
GET /gtm.js?id=GTM-5B5PGN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 03:39:56 GMT
expires: Sat, 24 Sep 2022 03:39:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
www.rbfcu.org/NBO/assets/img/gloss.png
107.162.179.221200 OK 1.1 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/gloss.png
IP 107.162.179.221:0
File type gzip compressed data, max compression\012- data
Hash e87258dc6a0e7c73c4861a6d824e650f
eb9b2d2dd22079e4c8e19a4013c7c4044fa5b446
a8f7990eacb47431430fed63f6fb76f6bf8dc3de1d489948a8d512a3913841cc
GET /NBO/assets/img/gloss.png HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/forms.css?upd=543
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 20764
Date: Fri, 23 Sep 2022 21:53:54 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 399
Content-Type: image/png
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
www.rbfcu.org/NBO/assets/img/redesign-icons/call-member-services-blue.svg
107.162.179.221200 OK 1.9 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/call-member-services-blue.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (750)
Hash b5b5a34c5ba5d972249fcdd7a26ceb3d
f02d36454cb31a73cbc672fe95ebcaa0bdd432e4
abc9fe01ce6f914e95ca82f3a92dc6fad4301e74db572714db706c938aa8a6ef
GET /NBO/assets/img/redesign-icons/call-member-services-blue.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22862
Date: Fri, 23 Sep 2022 21:18:57 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:14 GMT
Content-Length: 1859
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/NCUA-gray.jpg
107.162.179.221200 OK 3.0 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/NCUA-gray.jpg
IP 107.162.179.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 96x40, components 3\012- data
Hash d80aab3eb6561429fe8e8492f6d0536f
e33730a2c6f2767ca5df99c54062da34813ba5ff
07c30c3c7a4f0be68f1435fce0f5ad1bd975c078d6615f10db02b82a24d2e5d6
GET /NBO/assets/img/redesign-icons/NCUA-gray.jpg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 22863
Date: Fri, 23 Sep 2022 21:18:56 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Length: 3001
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/send-email-blue.svg
107.162.179.221200 OK 2.0 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/send-email-blue.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (486)
Hash d8dfad42f1093203fc216df58447df6a
16c8ba02821191ba9ee5c80af56775a46e411d9d
0485a7fb75a2337825e6fef13a41ae4baeb10de565cb6f32eae708e9c293fdae
GET /NBO/assets/img/redesign-icons/send-email-blue.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 45453
Date: Fri, 23 Sep 2022 15:02:24 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit4010
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Length: 1965
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS3
Strict-Transport-Security: max-age=31536000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c0c0fad8096bc252b17b37fb6b081da
7be5fd67940d59e6ec825096e9dffc95d4bacf95
60790d372fe87d1cbef9a734b51d083ab2044ac3777c6b54e8c789b187570084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60790D372FE87D1CBEF9A734B51D083AB2044AC3777C6B54E8C789B187570084"
Last-Modified: Wed, 21 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2467
Expires: Sat, 24 Sep 2022 04:21:03 GMT
Date: Sat, 24 Sep 2022 03:39:56 GMT
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=47224
date: Sat, 24 Sep 2022 03:39:56 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
fullstory.com/s/fs.js
147.75.40.150301 Moved Permanently 48 B IP 147.75.40.150:0
File type ASCII text, with no line terminators
Hash 7b12595d471f02dde9ebc1b7c701e936
77abfc06684d022f59656235c475fbe61775da94
7bc37f83786f13fe81ada038f604a9256dd3da7722b885ee8fdace203fbc5752
GET /s/fs.js HTTP/1.1
Host: fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bmemberservicexxxx1ax.syno-ds.de
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
age: 12386
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Sat, 24 Sep 2022 00:13:30 GMT
location: https://www.fullstory.com/s/fs.js
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GDPS94M9RF3BAWKQ42YA5PPR
x-xss-protection: 1; mode=block
content-length: 48
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 19826
Date: Sat, 24 Sep 2022 02:20:50 GMT
Expires: Sat, 24 Sep 2022 04:20:50 GMT
Cache-Control: public, max-age=7200
Age: 4746
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=2FD1BEF6849069A83B84ACDF85C7687E; domain=.bing.com; expires=Thu, 19-Oct-2023 03:39:56 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: E486E70EB6634010AE0AB906DD9550A9 Ref B: OSL30EDGE0317 Ref C: 2022-09-24T03:39:56Z
Date: Sat, 24 Sep 2022 03:39:56 GMT
www.google-analytics.com/j/collect?v=1&_v=j97&a=97218780&t=pageview&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=416334405&gjid=407394055&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796&_r=1>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&z=1598308212
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=97218780&t=pageview&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=416334405&gjid=407394055&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796&_r=1>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&z=1598308212
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=97218780&t=pageview&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=416334405&gjid=407394055&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796&_r=1>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&z=1598308212 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bmemberservicexxxx1ax.syno-ds.de
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://bmemberservicexxxx1ax.syno-ds.de
date: Sat, 24 Sep 2022 03:39:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=4031169&Ver=2&mid=e1f59d73-e206-45f2-a25b-750668010fde&sid=8e9233d03bba11ed8b8887eafe6f4846&vid=8e9220303bba11ed96dea34976bf8c16&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&r=<=2468&evt=pageLoad&sv=1&rn=174837
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4031169&Ver=2&mid=e1f59d73-e206-45f2-a25b-750668010fde&sid=8e9233d03bba11ed8b8887eafe6f4846&vid=8e9220303bba11ed96dea34976bf8c16&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&r=<=2468&evt=pageLoad&sv=1&rn=174837
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4031169&Ver=2&mid=e1f59d73-e206-45f2-a25b-750668010fde&sid=8e9233d03bba11ed8b8887eafe6f4846&vid=8e9220303bba11ed96dea34976bf8c16&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&r=<=2468&evt=pageLoad&sv=1&rn=174837 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=14052EA5C2786E212F033C8CC38D6F09; domain=.bing.com; expires=Thu, 19-Oct-2023 03:39:57 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00B80ED806784CD982FACCA09FB8A2FA Ref B: OSL30EDGE0509 Ref C: 2022-09-24T03:39:57Z
date: Sat, 24 Sep 2022 03:39:56 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1663990795982%26url%3Dhttp%253A%252F%252Fbmemberservicexxxx1ax.syno-ds.de%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKM0oeszuh8EwAAAYNtlJL6p43RHUyQGhMavYDui9j0JWbBzefuj8eXwJM5MjscRQ4do-nbIGdR4g; Max-Age=2592000; Expires=Mon, 24 Oct 2022 03:39:57 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLnTGS77mCP1gAAAYNtlJL6K8Hq3jDyclGDOacA3_FIS6w0b0LzOYOa0wv0__a6S_P79gsa_Jxx7A-KxZgybw; Max-Age=2592000; Expires=Mon, 24 Oct 2022 03:39:57 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&fec34516-f3df-4285-8c18-af81605efa56"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 24-Sep-2023 03:39:57 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2394:u=1:x=1:i=1663990797:t=1664077197:v=2:sig=AQF1zMbPNx0RJyz13LnEjNkTlo4qSpZW"; Expires=Sun, 25 Sep 2022 03:39:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpZAxd/E1+U+Wf0iFkCw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 92E4D96B780E4F1F981089EA10B6E7BD Ref B: OSL30EDGE0111 Ref C: 2022-09-24T03:39:56Z
date: Sat, 24 Sep 2022 03:39:56 GMT
content-length: 0
X-Firefox-Spdy: h2
bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
bmemberservicexxxx1ax.syno-ds.de/favicon.ico
210.16.120.193404 Not Found 734 B URL HTTP/1.1 bmemberservicexxxx1ax.syno-ds.de/favicon.ico
IP 210.16.120.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f85cb5232b8dbae0b4b53325df6525b1
c0bc45910951e804cc91a7da5e9b8aabc5104e8b
b9e5a859f39f34048e8c5ce90653f3313c9c0c9d815deb657af95a7905c931b0
Analyzer Verdict Alert openphish RBFCU
GET /favicon.ico HTTP/1.1
Host: bmemberservicexxxx1ax.syno-ds.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 03:39:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 17:07:34 GMT
ETag: W/"5bf-5e8a62a3ead5d"
Content-Encoding: gzip
bat.bing.com/p/action/4031169.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4031169.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4031169.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=05C4F411F472636E0EC3E638F5876227; domain=.bing.com; expires=Thu, 19-Oct-2023 03:39:57 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E0C30AB889F4CEC8CDCBCA94B72CD30 Ref B: OSL30EDGE0509 Ref C: 2022-09-24T03:39:57Z
date: Sat, 24 Sep 2022 03:39:56 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10698
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 03:39:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10698
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 03:39:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 20581
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10698
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 03:39:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 007aba90cc24589b974c6039372121d3
c308f846b81275e50122f99a229ae3fec0b5fe4c
dac4561f24f52c33e79e86b0794eab704866a879d6967ec120fdf7bc5a4e2d8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6294
x-amzn-requestid: 4007bdf7-f31a-414b-8711-f319aa09692b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruHG-loAMF-QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-18dc206b23fe3e383c1eb9cc;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C-XyRAhMGXUgsUrSD0ecJs-6vZMpE5pLjNShVhWYuyNOlehUMFmwmw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 21128
etag: "c308f846b81275e50122f99a229ae3fec0b5fe4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10698
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 03:39:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:15 GMT
age: 20082
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b0e3ac4e16f6dc66a26a4389761d0a
e2e1b87dc1e205d437648f89cd6d0ad21019d662
1e2cd2c842e3aea339ba0c18267af45fd110e70d6e86ad1dab7b65b007afcc16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09db434-67f2-44ab-86f2-081df7e6af92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8208
x-amzn-requestid: 0fd39a74-3b99-41d6-ba1c-87cb53d8a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shFFwQoAMFfvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-5774d24f791810730183da18;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xnh0Z31k7bB0YOTDFrGKElc7qZjiNxIEpl_Vl8i8jn7GUDLE31Azxg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:55:51 GMT
age: 20646
etag: "e2e1b87dc1e205d437648f89cd6d0ad21019d662"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b722574c0e6f63a78a19eff0f100ae4
96185aa90e560a4bd9462cef2e280561ee557413
c5b1012f1fca39d949f4b70e69b94bc6e03521d93ab8c38bb30d2c9c43bac633
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12087
x-amzn-requestid: bf12c6c6-f19a-4b64-8c40-1df852974bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvRCsFT-oAMFjpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63292edd-20450d0447040267001aec49;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 03:09:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0OoSYE6sXnwYypoUrCrlgw-ATlPc1RnVOrdw900lXRERPBDLUEP1LQ==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 05:45:53 GMT
age: 78844
etag: "96185aa90e560a4bd9462cef2e280561ee557413"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d78fe23-176d-4858-a42b-1f7944845b79.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d78fe23-176d-4858-a42b-1f7944845b79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2255aa8ee173094449d814a20238a8ac
7d480011939a32baf53926a144eac807ac397bcb
1db716c4c69c851100e788f78bd7c04282d6878068361e06a29fe44dd6ffee32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d78fe23-176d-4858-a42b-1f7944845b79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4866
x-amzn-requestid: d96de29c-d64e-415e-9cf7-85a0fad34967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tCNGjuoAMFpeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2874-548fc71f4a4a9ad74298ee7a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SBMDqLaDDc-YOHE3gTp-QZSOxwzpsjHi8tLMpoQUmm8XqNdr3HFYmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:18 GMT
age: 20919
etag: "7d480011939a32baf53926a144eac807ac397bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-6286893-1&cid=1572293489.1663990796&jid=416334405&gjid=407394055&_gid=1414153296.1663990796&_u=YEBAAEAAAAAAAC~&z=572633633
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-6286893-1&cid=1572293489.1663990796&jid=416334405&gjid=407394055&_gid=1414153296.1663990796&_u=YEBAAEAAAAAAAC~&z=572633633
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-6286893-1&cid=1572293489.1663990796&jid=416334405&gjid=407394055&_gid=1414153296.1663990796&_u=YEBAAEAAAAAAAC~&z=572633633 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bmemberservicexxxx1ax.syno-ds.de
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://bmemberservicexxxx1ax.syno-ds.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 03:39:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 03:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1663990795982%26url%3Dhttp%253A%252F%252Fbmemberservicexxxx1ax.syno-ds.de%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1663990795982%26url%3Dhttp%253A%252F%252Fbmemberservicexxxx1ax.syno-ds.de%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1663990795982%26url%3Dhttp%253A%252F%252Fbmemberservicexxxx1ax.syno-ds.de%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&1d43221a-ffdb-44ba-8f9c-f1deec755b1a"; Domain=.linkedin.com; Expires=Sun, 24-Sep-2023 03:39:57 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202209240339576c804385-c75f-48c2-8f93-b056215b8017AQEW7OnkWA8aZt_QacogpRcOuq-wD-u2"; Domain=.www.linkedin.com; Expires=Sun, 24-Sep-2023 03:39:57 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM5OTA3OTc7MjswMjH8ofLccV+czRjMjwH0zSTKxng5Z9cxvRIcgg95Brb6kg==; Domain=.linkedin.com; Expires=Thu, 23 Mar 2023 03:39:57 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2390:u=1:x=1:i=1663990797:t=1664077197:v=2:sig=AQEGNqy2dyZpqx1ffCN8OEKexwDt-kke"; Expires=Sun, 25 Sep 2022 03:39:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpZAxgqLWMEflPwfLFdg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B484EC39F7084B508AD1F19B3C1DBDC6 Ref B: OSL30EDGE0111 Ref C: 2022-09-24T03:39:57Z
date: Sat, 24 Sep 2022 03:39:56 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2367698&time=1663990795982&url=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&81f17fb6-32db-44f4-8d6e-3be101f47a31"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 24-Sep-2023 03:39:57 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2390:u=1:x=1:i=1663990797:t=1664077197:v=2:sig=AQEGNqy2dyZpqx1ffCN8OEKexwDt-kke"; Expires=Sun, 25 Sep 2022 03:39:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpZAxjSjtSz6RMIHShuA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 262827CFF8D4460CAF754299A4ABAF70 Ref B: OSL30EDGE0111 Ref C: 2022-09-24T03:39:57Z
date: Sat, 24 Sep 2022 03:39:57 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=2011002216
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=2011002216
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=2011002216 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 24 Sep 2022 02:08:04 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 5513
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=792195019
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=792195019
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=792195019 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 24 Sep 2022 02:08:04 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 5513
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=1887041028
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=1887041028
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j97&a=97218780&t=event&ni=1&_s=1&dl=http%3A%2F%2Fbmemberservicexxxx1ax.syno-ds.de%2F&ul=en-us&de=UTF-8&dt=RBFCU%3A%20Online%20Banking%20Logon&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=%2F&el=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1572293489.1663990796&tid=UA-6286893-1&_gid=1414153296.1663990796>m=2wg9l05B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=bmemberservicexxxx1ax.syno-ds.de%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=1887041028 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 24 Sep 2022 02:08:04 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 5513
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
use.fontawesome.com/releases/v5.0.12/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.0.12/css/all.css
IP 172.64.133.15:0
GET /releases/v5.0.12/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmemberservicexxxx1ax.syno-ds.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 03:39:55 GMT
content-type: text/css
x-amz-id-2: I0Lm2VCdrSpdIHeAIrkWu5SU5nkW8KnJ4EV+K6IU2O0jQWW6/C00Hn53L/H2hxgomNiLLlFORL0=
x-amz-request-id: F0PP8KQN4FATFHJG
last-modified: Wed, 30 Jun 2021 15:27:17 GMT
etag: W/"d896a88b71aa2ba5d6bd670429bf1bad"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28757817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNzVJxZMq1d%2BgAUOntYrBZNPkVRom1vwEIur6sdxXOo9gmPe8CgVwoYhbzpz4xElysr88E7DqturJd%2Fq6GqP7PlBi78Psvd8dOJcPS%2BzDJrqex2nvxqVvRiilNwgnABUhG%2F3b1BW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f87ee5cc8a75a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2