server.bertuzzitravel.com/conferma/web/login.php
35.240.47.27 200 OK 8.2 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/login.php
IP 35.240.47.27:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (13690), with CRLF line terminators
Hash 2173371fe457fad028ac81b231315104
66072a44c290f0f6f4502f80ef8c7fbc13d1930a
b8503fa963aa3f99bcc510649ec95b5ca3450960d581ad4c2bfe4828825e952a
Analyzer Verdict Alert openphish Generic/Spear Phishing
GET /conferma/web/login.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Set-Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8193
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 21:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3371
Expires: Mon, 06 Feb 2023 22:32:03 GMT
Date: Mon, 06 Feb 2023 21:35:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 21:34:06 GMT
content-type: application/json
age: 106
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14053
Expires: Tue, 07 Feb 2023 01:30:05 GMT
Date: Mon, 06 Feb 2023 21:35:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TnnoYIZfHloTsVtbAAq70HirORZRYInCWSPhdMvk5B7nO4OX4Qvd997qC13NylUG/tMd/oJFY84=
x-amz-request-id: SKXTH7TAXNFFD7TA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 21:35:16 GMT
age: 36
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 21:35:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
server.bertuzzitravel.com/PasswordScaduta_Include.css
35.240.47.27 404 Not Found 1.5 kB URL HTTP/1.1 server.bertuzzitravel.com/PasswordScaduta_Include.css
IP 35.240.47.27:0
File type HTML document text; exported SGML document, ASCII text
Hash 434dc1caeecfb543efdee3bd58dfeddc
7e76b6d9bcc59d9c786bcf1596077ca7e8c90930
5e8a91801dba6e4bac5d3e298302c21a99383fa67f7e94ea006acd7d04a58d23
GET /PasswordScaduta_Include.css HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Fri, 03 Feb 2023 15:29:20 GMT
ETag: "5aa-5f3cd5869806b"
Accept-Ranges: bytes
Content-Length: 1450
Connection: close
Content-Type: text/html
server.bertuzzitravel.com/conferma/web/res/source.css?v=55
35.240.47.27 200 OK 27 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/source.css?v=55
IP 35.240.47.27:0
File type ASCII text, with CRLF line terminators
Hash 9d3430db34e037b0e3c979b841b87aab
63a7812ae8a2cd6944659b122c35819ebf47cf07
99b0d269520b0f2cf673adfffa2456aba73771e7e45c7aac592fdee9abe7df94
GET /conferma/web/res/source.css?v=55 HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:34 GMT
ETag: "24eea-5f3e4f52c2a89-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26589
Connection: close
Content-Type: text/css
server.bertuzzitravel.com/conferma/web/res/info-information-circle.svg
35.240.47.27 200 OK 822 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/info-information-circle.svg
IP 35.240.47.27:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (822), with no line terminators
Hash de6f9bb9f89689d268ff3bb9bdfed24c
da340ab7b7384c68b9fb0deb072c911238941479
27a9a24907f8907c98afcf081684fe8fe95f3381ef49ff0d56c9e8e1eb525b6f
GET /conferma/web/res/info-information-circle.svg HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:33 GMT
ETag: "336-5f3e4f51a6746"
Accept-Ranges: bytes
Content-Length: 822
Connection: close
Content-Type: image/svg+xml
server.bertuzzitravel.com/conferma/web/res/eye-hide.svg
35.240.47.27 200 OK 2.3 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/eye-hide.svg
IP 35.240.47.27:0
File type SVG Scalable Vector Graphics image; HTML document, ASCII text, with very long lines (2105), with CRLF line terminators
Hash 2280199dcaecd21f0e7399a68563efb8
754041887e22f6abe406313cae22115e8b4ac9a7
6c46bf722fb11c3066171661ece073b58b6ea6c16b00a9d3cc162a6f215b57f1
GET /conferma/web/res/eye-hide.svg HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:32 GMT
ETag: "92a-5f3e4f50dc4a0"
Accept-Ranges: bytes
Content-Length: 2346
Connection: close
Content-Type: image/svg+xml
server.bertuzzitravel.com/conferma/panel/res/jq.js
35.240.47.27 200 OK 31 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/res/jq.js
IP 35.240.47.27:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 5c9be68fc77842021ef0cc49b85bf798
cda55672211fa73c458014c61598aa97c52eb430
2664c2cafdeba32970a06ad15374ee1cf022e87bd5737c2328dc5600958317b7
GET /conferma/panel/res/jq.js HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:30 GMT
ETag: "15d9d-5f3e4f4eec274-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30905
Connection: close
Content-Type: application/javascript
server.bertuzzitravel.com/conferma/web/res/eye-show.svg
35.240.47.27 200 OK 2.0 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/eye-show.svg
IP 35.240.47.27:0
File type SVG Scalable Vector Graphics image; HTML document, ASCII text, with very long lines (1717), with CRLF line terminators
Hash 549c9c3370ccd127db959e0afe296697
d6dd5fe853bfe70b1456f8d66e4526dfd4376f92
6676b05ef9626756989d9dbc09608830af666a330ad1bfa12438b9775330c474
GET /conferma/web/res/eye-show.svg HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:32 GMT
ETag: "7a6-5f3e4f50e0321"
Accept-Ranges: bytes
Content-Length: 1958
Connection: close
Content-Type: image/svg+xml
server.bertuzzitravel.com/conferma/web/res/main_separatore_5_5.gif
35.240.47.27 404 Not Found 1.5 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/main_separatore_5_5.gif
IP 35.240.47.27:0
File type HTML document text; exported SGML document, ASCII text
Hash 434dc1caeecfb543efdee3bd58dfeddc
7e76b6d9bcc59d9c786bcf1596077ca7e8c90930
5e8a91801dba6e4bac5d3e298302c21a99383fa67f7e94ea006acd7d04a58d23
GET /conferma/web/res/main_separatore_5_5.gif HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Fri, 03 Feb 2023 15:29:20 GMT
ETag: "5aa-5f3cd5869806b"
Accept-Ranges: bytes
Content-Length: 1450
Connection: close
Content-Type: text/html
server.bertuzzitravel.com/conferma/web/res/back.jpg
35.240.47.27 200 OK 54 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/back.jpg
IP 35.240.47.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x455, components 3; data
Hash 6cd269c304dd1eea2b53202ffc12d747
801127f7fafcbffaffc6c072491f8406bb7bd6a2
bcedd8f5b1acb515cecfe911027e6a0dfeb447b4e9c8613f5e4fab67930b7d54
GET /conferma/web/res/back.jpg HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:32 GMT
ETag: "d32a-5f3e4f5095f87"
Accept-Ranges: bytes
Content-Length: 54058
Connection: close
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 21:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 21:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 21:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/web/res/main_separatore_5_5.gif
35.240.47.27 404 Not Found 1.5 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/main_separatore_5_5.gif
IP 35.240.47.27:0
File type HTML document text; exported SGML document, ASCII text
Hash 434dc1caeecfb543efdee3bd58dfeddc
7e76b6d9bcc59d9c786bcf1596077ca7e8c90930
5e8a91801dba6e4bac5d3e298302c21a99383fa67f7e94ea006acd7d04a58d23
GET /conferma/web/res/main_separatore_5_5.gif HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Fri, 03 Feb 2023 15:29:20 GMT
ETag: "5aa-5f3cd5869806b"
Accept-Ranges: bytes
Content-Length: 1450
Connection: close
Content-Type: text/html
server.bertuzzitravel.com/conferma/web/spy.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/spy.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /conferma/web/spy.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:52 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 21:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0; data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 10:25:03 GMT
expires: Mon, 05 Feb 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 126650
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0; data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 580005
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
server.bertuzzitravel.com/conferma/web/res/icon-headset.png
35.240.47.27 200 OK 15 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/icon-headset.png
IP 35.240.47.27:0
File type PNG image data, 18 x 16, 8-bit/color RGBA, non-interlaced; data
Hash aa430c070840a66c4664fa2f582d7c94
2622948f3506c9ae8f2197344265de3f35f0e570
bcedcafd81248b08cb428b22618a38866d0cee85b4e9ecd27ef734d0533e2792
GET /conferma/web/res/icon-headset.png HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/res/source.css?v=55
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:33 GMT
ETag: "3c35-5f3e4f516022e"
Accept-Ranges: bytes
Content-Length: 15413
Connection: close
Content-Type: image/png
server.bertuzzitravel.com/conferma/web/res/icon-user.png
35.240.47.27 200 OK 17 kB URL HTTP/1.1 server.bertuzzitravel.com/conferma/web/res/icon-user.png
IP 35.240.47.27:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced; data
Hash 16dd3b0879da68623d1ba4df22df6373
6c4178ec861865e43450c7a37715aace1160967c
a525f163e73542be1b82c5ae4e4beed74d137d56161ac5b02833a279ef6d9b61
GET /conferma/web/res/icon-user.png HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/res/source.css?v=55
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Sat, 04 Feb 2023 19:39:33 GMT
ETag: "43f1-5f3e4f5169e71"
Accept-Ranges: bytes
Content-Length: 17393
Connection: close
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 21:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
server.bertuzzitravel.com/favicon.ico
35.240.47.27 404 Not Found 1.5 kB URL HTTP/1.1 server.bertuzzitravel.com/favicon.ico
IP 35.240.47.27:0
File type HTML document text; exported SGML document, ASCII text
Hash 434dc1caeecfb543efdee3bd58dfeddc
7e76b6d9bcc59d9c786bcf1596077ca7e8c90930
5e8a91801dba6e4bac5d3e298302c21a99383fa67f7e94ea006acd7d04a58d23
GET /favicon.ico HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Fri, 03 Feb 2023 15:29:20 GMT
ETag: "5aa-5f3cd5869806b"
Accept-Ranges: bytes
Content-Length: 1450
Connection: close
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 20:51:19 GMT
age: 2674
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16497
Expires: Tue, 07 Feb 2023 02:10:50 GMT
Date: Mon, 06 Feb 2023 21:35:53 GMT
Connection: keep-alive
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
44.227.109.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.109.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VxFASapcP4hehBNW8z+HQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6mYLa/PjrZMrEzptNZSIwXgthOU=
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:53 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:54 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:54 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9756
Expires: Tue, 07 Feb 2023 00:18:30 GMT
Date: Mon, 06 Feb 2023 21:35:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:39 GMT
age: 84135
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 85551
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 85318
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 85551
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LXNdWi5iKCUI61c2z3spsg5_DGu1jnZ4cIACc3MCmqWP57RveBMGw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 85551
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:33:53 GMT
age: 205
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:54 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:54 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:55 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:55 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:55 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:55 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:56 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:56 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:56 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:56 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:57 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:57 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:57 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:57 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:58 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:58 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:58 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:58 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:59 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:59 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:59 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:35:59 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:36:00 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:36:00 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 0 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:36:00 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
server.bertuzzitravel.com/conferma/panel/classes/processor.php
35.240.47.27 200 OK 1 B URL HTTP/1.1 server.bertuzzitravel.com/conferma/panel/classes/processor.php
IP 35.240.47.27:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
NIDS Severity Alert suricata medium ETPRO HUNTING Observed HTTP POST with panel in URI
POST /conferma/panel/classes/processor.php HTTP/1.1
Host: server.bertuzzitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: http://server.bertuzzitravel.com
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/conferma/web/login.php
Cookie: PHPSESSID=buj35j76q69jcj452sus5u4rjk
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 21:36:00 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Lato:300,400,700,900
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700,900
IP 142.250.74.74:0
GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://server.bertuzzitravel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 21:35:52 GMT
date: Mon, 06 Feb 2023 21:35:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2