www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
31.11.32.207 5.9 kB URL User Request GET www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
IP 31.11.32.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1843)
Hash f8c7935b5ca77e488dc69ae93e204204
27a7866f4a348e062cedceb1dd76b4090d7faa43
c3533d2dd48df4286579a299033014698b239b1f89e2491c923fb2af7b37ee42
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/secure.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 5878
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/normalize.css
31.11.32.207 200 OK 2.7 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/normalize.css
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Hash 4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
GET /public/buchershoerling2023/metahbcha/meta/normalize.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 2668
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
31.11.32.207 200 OK 684 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 684
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2b584ec08c873a804d91c45130ef56f3
ca181ab06847214d8e83257f3d14efed884cc07b
c671642f97a876669639efda28c44417e472c318ff1fc5192616f03785099b37
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7166
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
31.11.32.207 404 Not Found 4.7 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1d8f1891384ed380ca82f2ebf95e4f2a
fe3c0809da5af7f8bc12a98695f08df48b078b48
0318b7b54f8dd45847178133e47f070f519cf8f165a2fd86400d677f1ca12ec2
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4724
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
31.11.32.207 404 Not Found 4.7 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 03aba95c5f3d0d5762b650c88d0fbd1c
88a716472e9587842cbbed5a7a2ecec89d70af28
15b1fe9de34bf59f3f51606b64c5441685a65d9dc5991c0c18579637d276b442
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4730
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2f1694bae80c5e3e797114c03df3dd1c
888e7de973f41d964859e99af3f7b75361029250
f92d13824588dd31eefd892f723e76dc52a7f8aa1dde937b272fb064788b95b7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash c6c16f927b253ac9bab287ea3a0ee68b
2981ade953eb64174b940c6ed684eb2121bb902f
af726fc743a251120f0fb66ab8654ee29ed702ea3c148f34d47bf0b7b8bc15c3
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7200
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 4856425e787a31c638be45c49a2cfb0e
883bc0de0359dea701b2d1c7f13a05b26ea1c72c
900b445c6f135f6eec75b047a3ce19b29e774dccf9ff06278a862d6e5fb18d03
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7164
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 701073ecf49d46fccca16899d7a23165
76848c8f0ae3116470d2d15ffdc5de5ad511cf7b
18ae816fef89bd5c358a1f2842613eb3ea3d0e9f53e7b783bbfff3adca549bad
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 698d53ae7d05bbfb89697c4430467602
74e5df54e8cec2b1a45e0b26acef4724e9f0e021
e6b5b828369d7be5384d9ebb8c392d441dab2151ff984f778d47f8b008740182
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7182
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.css
31.11.32.207 200 OK 9.3 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.css
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
GET /public/buchershoerling2023/metahbcha/meta/webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 9297
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 6fe2f91eb441ca6b8a82eab8868c5e47
4492687dbf09382fe245870963e642b4d7d68628
3f1bc838e4bef51f12d98a9535f0e302c4689596d18ecb84e97b2a82395c677c
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7150
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js
31.11.32.207 200 OK 312 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Hash 5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/plx.chock.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 312
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7172
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 85f470259fd4f911575322503edcc872
6e389ae2783b745c134df01c025abe0fad3589b4
5cad597dc91970dd7c155d2804fdb01f1c5571df5f44e62aef4174787f4058eb
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7152
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
31.11.32.207 200 OK 18 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Hash d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
GET /public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 17472
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/mm-logo.svg
31.11.32.207 200 OK 12 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/mm-logo.svg
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/mm-logo.svg HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "8d686b28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 12019
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7172
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
31.11.32.207404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2f1694bae80c5e3e797114c03df3dd1c
888e7de973f41d964859e99af3f7b75361029250
f92d13824588dd31eefd892f723e76dc52a7f8aa1dde937b272fb064788b95b7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
31.11.32.207404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 4856425e787a31c638be45c49a2cfb0e
883bc0de0359dea701b2d1c7f13a05b26ea1c72c
900b445c6f135f6eec75b047a3ce19b29e774dccf9ff06278a862d6e5fb18d03
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7164
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
31.11.32.207200 OK 684 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 684
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
31.11.32.207404 Not Found 4.7 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1d8f1891384ed380ca82f2ebf95e4f2a
fe3c0809da5af7f8bc12a98695f08df48b078b48
0318b7b54f8dd45847178133e47f070f519cf8f165a2fd86400d677f1ca12ec2
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4724
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 85f470259fd4f911575322503edcc872
6e389ae2783b745c134df01c025abe0fad3589b4
5cad597dc91970dd7c155d2804fdb01f1c5571df5f44e62aef4174787f4058eb
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7152
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2b584ec08c873a804d91c45130ef56f3
ca181ab06847214d8e83257f3d14efed884cc07b
c671642f97a876669639efda28c44417e472c318ff1fc5192616f03785099b37
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7166
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
31.11.32.207 404 Not Found 4.7 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 03aba95c5f3d0d5762b650c88d0fbd1c
88a716472e9587842cbbed5a7a2ecec89d70af28
15b1fe9de34bf59f3f51606b64c5441685a65d9dc5991c0c18579637d276b442
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4730
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 6fe2f91eb441ca6b8a82eab8868c5e47
4492687dbf09382fe245870963e642b4d7d68628
3f1bc838e4bef51f12d98a9535f0e302c4689596d18ecb84e97b2a82395c677c
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7150
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 58bb258ae4708e8f53c37c11612445b1
841979ada732e96901203986abe9f63071745712
87ec01db16e9d16ae509a9abe7b0a2c1902d9d22197cf3d4bdfbf95e27ed2f32
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7192
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash ea307d177bfd7f187f441bf152c0733b
99ae0864a356074e5aa5da72025b608b2c731fc6
1122057b750852b23416896267ab7e4e93a47e266986795a41c63d5079bbb947
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7186
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
31.11.32.207 200 OK 10 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Hash de4ff6118374a4bdddaeafc4da59b95e
22c2418e29e43fead20844c0f7009372607acb0b
724ea951d695f615e5c02d58973836560baef3341aa9eddc05824f82809e7834
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/saved_resource.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 10242
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
31.11.32.207 200 OK 22 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Hash a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 21596
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(1).html
31.11.32.207 200 OK 504 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(1).html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 938be7d50aa827110de3ba6d24f24ceb
499a6b9239bbf79c2363a2ecf3cc405a957b24ec
58092d87121c0af28a0ae8ad3e9afcfb4c50156ca369a9a2dfafc8d516a25d5c
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/saved_resource(1).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "7d207028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 504
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
31.11.32.207 200 OK 808 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "ef626428c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 808
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash c6c16f927b253ac9bab287ea3a0ee68b
2981ade953eb64174b940c6ed684eb2121bb902f
af726fc743a251120f0fb66ab8654ee29ed702ea3c148f34d47bf0b7b8bc15c3
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7200
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227 200 OK 128 kB URL GET HTTP/2 fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:42 GMT
expires: Thu, 23 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
age: 520187
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
31.11.32.207 200 OK 808 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dc2b6328c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 808
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png
31.11.32.207 200 OK 290 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size 290 kB (289564 bytes)
Hash 85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
GET /public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dd346828c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 289564
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 701073ecf49d46fccca16899d7a23165
76848c8f0ae3116470d2d15ffdc5de5ad511cf7b
18ae816fef89bd5c358a1f2842613eb3ea3d0e9f53e7b783bbfff3adca549bad
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7160
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172
www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js
31.11.32.207 404 Not Found 5.0 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 482a2dfdea19364e246ba7f2a04ba751
49c82e80bed0949307f35921b62cb8a5e34522c9
f0c6137e29cb8b7edf6ef48e95687cc608067108fba3307429d28742868c1a2e
GET /public/js.hsforms.net/forms/v2.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5022
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 698d53ae7d05bbfb89697c4430467602
74e5df54e8cec2b1a45e0b26acef4724e9f0e021
e6b5b828369d7be5384d9ebb8c392d441dab2151ff984f778d47f8b008740182
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7182
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
31.11.32.207 200 OK 4.1 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 4072
www.aegtecnoservice.it/public/metamask.io/images/webclip.png
31.11.32.207 404 Not Found 5.0 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/metamask.io/images/webclip.png
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 85bf5fec475c3c9f827d60314a457067
307a96a0a7cac42485ba8e7d8498549f0a3dc1f8
257be8a54661b69a3a38999178818ade763deb090b1b020f972d463c0952debc
GET /public/metamask.io/images/webclip.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5030
www.aegtecnoservice.it/public/metamask.io/images/favicon.png
31.11.32.207 404 Not Found 5.0 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/metamask.io/images/favicon.png
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash ae8ec8cfb480b3fd1037d51b93074411
0ed7b6cd89f445d86593d6ca4e0af8dd347b1f2c
45ee03263f945bd0bb2c424237325b4e573a6c553aef46ee1cb658dc8cae1a46
GET /public/metamask.io/images/favicon.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5030
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/styles__ltr.css
31.11.32.207 200 OK 24 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/styles__ltr.css
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
File type ASCII text, with very long lines (52368), with no line terminators
Hash 97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
GET /public/buchershoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 24390
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d064cee448396618dd3b4e91c8ff9bd1
4e32647996abca8dfea7bcfb43b0655a3e597650
62330fac13ae462bab4a742d9aa76d8bb8aa06d3d68b3b49072ce5a2953ba9cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.hsforms.net/forms-next/shell-recaptcha
104.16.186.65 200 OK 1.1 kB URL GET HTTP/2 js.hsforms.net/forms-next/shell-recaptcha
IP 104.16.186.65:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
Validity Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b398fe98f83c84b8e686c2169573245a
6b5610c4d51770d21119485a9ac316566aae8b1c
df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724
GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 00:46:30 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 May 2023 08:37:04 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: 1neKgmSIo2kNjbv_9pCs.QkkwsDeI7HB
x-cache: Hit from cloudfront
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: OTf_wRausnXYRESqh_q6ZE4C-yLHsSyx0h5xv9n-Zuk5A-A8NP6qFQ==
age: 2463
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.631/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: cde82109-3ddf-4e85-a810-3b82eb0a7a31
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0t1YUgkrDYWi9NYhp%2B0%2B%2F4HZMQsieVdQwizzoXvJJ%2BEvJUq6cpsviaFbouKZkgMtaUB%2BP3mloNOmfqLK3gzf8quQZULoiGBfnrzGkXszVnO80M7lvqirWjZVyY3LSzC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cf2f5dedf4ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 05a780ff7f545fd7b39736808ecba320
ef8dbe57dc939734042b1752794810e68a740c5d
0c524f782a71460cc98e29c3dcbff8ffa219747707c5c6848459b3d90e0c92d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
31.11.32.207 404 Not Found 7.2 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7
Analyzer Verdict Alert fortinet Phishing
GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(2).html
31.11.32.207 200 OK 504 B URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(2).html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash be8f11582f8b9d35f9b9476b810c0468
59600ce9d68f20be69bbaead09ac058abf650dd2
1898ec2fd073040a6d445e0a662e7fdbccbd59946a629b82c2db1e202665f46d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/saved_resource(2).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "d7e37028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 504
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 01:44:15 GMT
Expires: Thu, 23 May 2024 01:44:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
Age: 514935
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 10:53:05 GMT
Expires: Thu, 23 May 2024 10:53:05 GMT
Cache-Control: public, max-age=31536000
Age: 482005
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3421
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35 200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 446228
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35 200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 549108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35 200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 431395
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
216.58.211.4 200 OK 29 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
IP 216.58.211.4:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43750)
Hash c4fca3c3e5ff569f2e87db0a99cc3e08
ea22441e7150ad90a8dd8cc422b123ca1e6215a4
60bbdf24f1cf43faeca75225df588db7a8b30f89d8f589ce5a6090bcd9a7d6e1
GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 May 2023 00:46:30 GMT
content-security-policy: script-src 'nonce-mJhX3fohe7p4uoaAuKNTVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28612
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
142.250.74.35 200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 3057
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 544499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0; data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 529570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
216.58.211.4 200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with no line terminators
Hash ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95
GET /recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Tue, 30 May 2023 00:46:31 GMT
date: Tue, 30 May 2023 00:46:31 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35 200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced; data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 21:48:58 GMT
expires: Mon, 05 Jun 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 10653
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
216.58.211.4 200 OK 1.2 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 216.58.211.4:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash cb6d7e232657279fd51ef55791ce9317
4cd845aa863e1697f5effdae4590e60e3066e147
466d393ac1b7afe00b5c3e90d2e6c9298ad4c4c81cdfbc798df0b5bbd0f7c96a
GET /recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 May 2023 00:46:31 GMT
content-security-policy: script-src 'nonce-PihMbcS6JpZNckepB6QhKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1159
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
142.250.74.35 200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 3057
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
216.58.211.4 200 OK 25 kB URL POST HTTP/3 www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (41064)
Hash d8cfcb4db953d889c4464cc295a98524
846d9e0c558715dd7784f33d5dd5e3a727948de5
5582bcc9e9ba2c8d2124e0a1f766d2f75dfecdf38d66c747a3a02e528ed255d1
POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8053
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 30 May 2023 00:46:31 GMT
expires: Tue, 30 May 2023 00:46:31 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24874
server: GSE
set-cookie: _GRECAPTCHA=09ALyjir-iBbvjlYUMJXNn4K4B6OIIespQ6b5IZdP8UG7LxuJj7_xnh-4GkjRmrgdvxp5DFuRwPIPwIqw3zVcXDGw;Path=/recaptcha;Expires=Sun, 26-Nov-2023 00:46:31 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 544500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0; data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 529571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0; data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:43 GMT
expires: Thu, 23 May 2024 00:16:43 GMT
cache-control: public, max-age=31536000
age: 520189
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35 200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced; data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 446230
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35 200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced; data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 549110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35 200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced; data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 431397
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/canonical_car.png
142.250.74.35 200 OK 11 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/canonical_car.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced; data
Hash a4741c6089e163f0e5c0cdb2c698a03e
03b190c8d9350802cbabbccd2757cff1fb7115f0
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
GET /recaptcha/api2/canonical_car.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 11174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 17:48:40 GMT
expires: Sat, 03 Jun 2023 17:48:40 GMT
cache-control: public, max-age=604800
age: 197872
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
216.58.211.4 200 OK 43 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
Validity Mon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a6d97fa590265a6427b32311b090d4b3
ecb2f3a280220ecba2a4223deddb8b2bfb529634
f9ca86fd76f395c59d4259e08cd3e345fdf88d4622311bf240d4e3d902f4b357
GET /recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09ALyjir-iBbvjlYUMJXNn4K4B6OIIespQ6b5IZdP8UG7LxuJj7_xnh-4GkjRmrgdvxp5DFuRwPIPwIqw3zVcXDGw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Tue, 30 May 2023 00:46:32 GMT
date: Tue, 30 May 2023 00:46:32 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 42630
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
31.11.32.207 200 OK 22 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Hash a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:42 GMT
Content-Length: 21596
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
31.11.32.207 200 OK 4.1 kB URL GET HTTP/1.1 www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
IP 31.11.32.207:80
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /public/buchershoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:42 GMT
Content-Length: 4072
fonts.googleapis.com/icon?family=Material+Icons
216.58.207.202 200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 216.58.207.202:443
Requested by http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 May 2023 00:46:29 GMT
date: Tue, 30 May 2023 00:46:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
216.58.211.4 200 OK 1.0 kB URL GET HTTP/2 www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP 216.58.211.4:443
Requested by https://js.hsforms.net/forms-next/shell-recaptcha
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
Validity Mon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash c6a470d89578d96acbdd17d345d39bee
2563ad170e69126f93e515d135b426409fac6742
8bf15792d415efa969e9fa7b62a9478cfae10992b46935822398bd4f1e785212
GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Tue, 30 May 2023 00:46:30 GMT
date: Tue, 30 May 2023 00:46:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2