Report - www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

Report Overview

Submitted URL
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
IP
31.11.32.207
ASN
#31034 Aruba S.p.A.
Submitted
2023-05-30 00:46:46
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
16
Network Intrusion Detection
10
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-29	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-29	4.1 kB	243 kB	216.58.207.227
js.hsforms.net	7264	2013-09-18	2013-09-26	2023-05-29	536 B	2.7 kB	104.16.186.65
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-29	6.8 kB	743 kB	142.250.74.35
www.google.com	7	1997-09-15	2015-05-10	2023-05-29	4.0 kB	102 kB	216.58.211.4
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-29	445 B	1.2 kB	216.58.207.202
www.aegtecnoservice.it	unknown	2010-04-23	2017-04-02	2023-05-28	22 kB	646 kB	31.11.32.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-30 00:46:28	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:29	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:29	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:29	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
2023-05-30 00:46:29	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:39	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:39	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
2023-05-30 00:46:40	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-30 00:46:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-05-29	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/mm-logo.svg
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(1).html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(2).html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
2023-05-30	medium	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	73 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:43 Last Seen2024-04-06 20:09:38 Times Seen403 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	181 B	2023-03-07	2024-04-19
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-19 13:28:35 Times Seen3727 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js	417 kB	2023-05-25	2023-12-01
Pretty URL www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 23:34:05 Last Seen2023-12-01 20:53:29 Times Seen14311 Hash 95a32a4d8f8be968bc15d6ab9b9491d1 fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015 a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html	75 B	2023-03-07	2024-04-19
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-19 13:26:34 Times Seen10284 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	0 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:06:43 Times Seen36960768 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	164 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:09:39 Times Seen296 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html	33 kB	2023-03-09	2024-04-12
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen129 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	1.8 kB	2023-03-07	2024-04-02
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55:49 Last Seen2024-04-02 06:38:23 Times Seen241 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	116 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:05:07 Times Seen234 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html	184 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:20 Last Seen2024-04-06 20:09:39 Times Seen261 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	js.hsforms.net/forms-next/shell-recaptcha	540 B	2023-04-05	2024-04-12
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.16.186.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29:16 Last Seen2024-04-12 19:27:19 Times Seen150 Hash 0ef8295b6b00040322f2dcbc2dad3a7b 3c3f471eb10ddba84126b623484930b3c99a8014 8f6e0ed5457a4e0086d8f5754cf5beb474f716ed08184676d4768c88bffb2c63 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js	3.4 kB	2023-03-07	2024-04-02
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-02 06:38:24 Times Seen660 Hash 5acfeead7d13511cdef767305b87e3f8 ec5337e62f1e64d3aaba3bf41a41b5f876964922 b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246 Loading...

	www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html	175 B	2023-03-07	2024-04-12
Pretty URL www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-12 19:27:19 Times Seen275 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit	1.0 kB	2023-05-26	2023-06-02
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 22:00:35 Last Seen2023-06-02 02:14:55 Times Seen41 Hash c6a470d89578d96acbdd17d345d39bee 2563ad170e69126f93e515d135b426409fac6742 8bf15792d415efa969e9fa7b62a9478cfae10992b46935822398bd4f1e785212 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz	44 kB	2023-05-30	2023-05-30
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 02:46:48 Last Seen2023-05-30 02:46:48 Times Seen1 Hash 7bbc22dbf7d2fbc09fd653e9fd50e35c 76cbe815a6cc3d0205369c37a6b6cb524eb25c72 c142fff42298b3a97b61d8efb1c8e5f522b1041408d763dc5fb5594431464e71 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ff4502800abb7504a8d47851aba2e63e	17 kB	2023-05-30	2023-05-30
Pretty Observations First Seen2023-05-30 02:46:48 Last Seen2023-05-30 02:46:48 Times Seen1 Hash ff4502800abb7504a8d47851aba2e63e a9075d65b54c4b6952f28d53005f4e3ec500749d 554758e96c189c7cd11172333449aab0f68c75277c04d91398a101da515c5816 Loading...

	#2 Eval - db239010a87e10045c38d68d80d53193	22 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1958 Hash db239010a87e10045c38d68d80d53193 1b4a5ec9e7be6d7ecf80e8da870c873e95a841d6 8e841e21866babc6374341c8912a81266537f7ad8747bbf62dfbf5b782427bc4 Loading...

	#3 Eval - 3486f9c2a32195c9fc5562d98041874c	16 kB	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1955 Hash 3486f9c2a32195c9fc5562d98041874c 4c4f3719194eece131e126860cc1bac9738d0456 92e4d4a9c97f6b559c3514fc92b5e34d8a95d9e71c4e5bb78ca1dad12ba88b75 Loading...

	#4 Eval - b4382637425dcbd2b7193f4869bd2ea7	22 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1953 Hash b4382637425dcbd2b7193f4869bd2ea7 97cabfec2628032d4d148d0910b4056a3f34adfb 527c9e3edfb79e372ec5ac05510312764bd14023d848d9ac4746daecba21f13c Loading...

	#5 Eval - 3e17aa65db170d8d135c100ada8fb5e6	64 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1959 Hash 3e17aa65db170d8d135c100ada8fb5e6 2cccef52fe8dbfcffd7cebb2ae7ebc4c70c91b15 abe6e0a658bdad68d3e9185ac581468444ce5f020f508313ac8b38772e102eae Loading...

	#6 Eval - 50569bff135c39857c4b78e79b49f565	22 kB	2023-05-30	2023-05-30
Pretty Observations First Seen2023-05-30 02:46:48 Last Seen2023-05-30 02:46:48 Times Seen1 Hash 50569bff135c39857c4b78e79b49f565 4f917b8ee222918a4da2eaad4dbcd302bb77d32d 020b362a6f50518e37d1bed72ce3abf937288aacabcc7cbfc506c2b38c26c9ac Loading...

HTTP Transactions (86)

URL IP Response Size

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

31.11.32.207

5.9 kB

URL User Request GET
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1843)
Size
5.9 kB (5878 bytes)
Hash
f8c7935b5ca77e488dc69ae93e204204
27a7866f4a348e062cedceb1dd76b4090d7faa43
c3533d2dd48df4286579a299033014698b239b1f89e2491c923fb2af7b37ee42

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/secure.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 5878

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/normalize.css

31.11.32.207

200 OK

2.7 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/normalize.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
ASCII text
Size
2.7 kB (2668 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/normalize.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 2668

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html

31.11.32.207

200 OK

684 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 684

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
2b584ec08c873a804d91c45130ef56f3
ca181ab06847214d8e83257f3d14efed884cc07b
c671642f97a876669639efda28c44417e472c318ff1fc5192616f03785099b37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

4.7 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.7 kB (4724 bytes)
Hash
1d8f1891384ed380ca82f2ebf95e4f2a
fe3c0809da5af7f8bc12a98695f08df48b078b48
0318b7b54f8dd45847178133e47f070f519cf8f165a2fd86400d677f1ca12ec2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4724

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp

31.11.32.207

404 Not Found

4.7 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.7 kB (4730 bytes)
Hash
03aba95c5f3d0d5762b650c88d0fbd1c
88a716472e9587842cbbed5a7a2ecec89d70af28
15b1fe9de34bf59f3f51606b64c5441685a65d9dc5991c0c18579637d276b442

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4730

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
2f1694bae80c5e3e797114c03df3dd1c
888e7de973f41d964859e99af3f7b75361029250
f92d13824588dd31eefd892f723e76dc52a7f8aa1dde937b272fb064788b95b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
c6c16f927b253ac9bab287ea3a0ee68b
2981ade953eb64174b940c6ed684eb2121bb902f
af726fc743a251120f0fb66ab8654ee29ed702ea3c148f34d47bf0b7b8bc15c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7200

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
4856425e787a31c638be45c49a2cfb0e
883bc0de0359dea701b2d1c7f13a05b26ea1c72c
900b445c6f135f6eec75b047a3ce19b29e774dccf9ff06278a862d6e5fb18d03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
701073ecf49d46fccca16899d7a23165
76848c8f0ae3116470d2d15ffdc5de5ad511cf7b
18ae816fef89bd5c358a1f2842613eb3ea3d0e9f53e7b783bbfff3adca549bad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
698d53ae7d05bbfb89697c4430467602
74e5df54e8cec2b1a45e0b26acef4724e9f0e021
e6b5b828369d7be5384d9ebb8c392d441dab2151ff984f778d47f8b008740182

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.css

31.11.32.207

200 OK

9.3 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.3 kB (9297 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 9297

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
6fe2f91eb441ca6b8a82eab8868c5e47
4492687dbf09382fe245870963e642b4d7d68628
3f1bc838e4bef51f12d98a9535f0e302c4689596d18ecb84e97b2a82395c677c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js

31.11.32.207

200 OK

312 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/plx.chock.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
ASCII text
Size
312 B (312 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/plx.chock.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 312

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
85f470259fd4f911575322503edcc872
6e389ae2783b745c134df01c025abe0fad3589b4
5cad597dc91970dd7c155d2804fdb01f1c5571df5f44e62aef4174787f4058eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css

31.11.32.207

200 OK

18 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
ASCII text
Size
18 kB (17472 bytes)
Hash
d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 17472

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/mm-logo.svg

31.11.32.207

200 OK

12 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/mm-logo.svg
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/mm-logo.svg HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "8d686b28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 12019

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webfont.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
2f1694bae80c5e3e797114c03df3dd1c
888e7de973f41d964859e99af3f7b75361029250
f92d13824588dd31eefd892f723e76dc52a7f8aa1dde937b272fb064788b95b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
4856425e787a31c638be45c49a2cfb0e
883bc0de0359dea701b2d1c7f13a05b26ea1c72c
900b445c6f135f6eec75b047a3ce19b29e774dccf9ff06278a862d6e5fb18d03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html

31.11.32.207

200 OK

684 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/css.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 684

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

4.7 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.7 kB (4724 bytes)
Hash
1d8f1891384ed380ca82f2ebf95e4f2a
fe3c0809da5af7f8bc12a98695f08df48b078b48
0318b7b54f8dd45847178133e47f070f519cf8f165a2fd86400d677f1ca12ec2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4724

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
85f470259fd4f911575322503edcc872
6e389ae2783b745c134df01c025abe0fad3589b4
5cad597dc91970dd7c155d2804fdb01f1c5571df5f44e62aef4174787f4058eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
2b584ec08c873a804d91c45130ef56f3
ca181ab06847214d8e83257f3d14efed884cc07b
c671642f97a876669639efda28c44417e472c318ff1fc5192616f03785099b37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp

31.11.32.207

404 Not Found

4.7 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.7 kB (4730 bytes)
Hash
03aba95c5f3d0d5762b650c88d0fbd1c
88a716472e9587842cbbed5a7a2ecec89d70af28
15b1fe9de34bf59f3f51606b64c5441685a65d9dc5991c0c18579637d276b442

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 4730

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
6fe2f91eb441ca6b8a82eab8868c5e47
4492687dbf09382fe245870963e642b4d7d68628
3f1bc838e4bef51f12d98a9535f0e302c4689596d18ecb84e97b2a82395c677c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:28 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7192 bytes)
Hash
58bb258ae4708e8f53c37c11612445b1
841979ada732e96901203986abe9f63071745712
87ec01db16e9d16ae509a9abe7b0a2c1902d9d22197cf3d4bdfbf95e27ed2f32

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7192

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7186 bytes)
Hash
ea307d177bfd7f187f441bf152c0733b
99ae0864a356074e5aa5da72025b608b2c731fc6
1122057b750852b23416896267ab7e4e93a47e266986795a41c63d5079bbb947

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7186

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html

31.11.32.207

200 OK

10 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
10 kB (10242 bytes)
Hash
de4ff6118374a4bdddaeafc4da59b95e
22c2418e29e43fead20844c0f7009372607acb0b
724ea951d695f615e5c02d58973836560baef3341aa9eddc05824f82809e7834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/saved_resource.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 10242

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html

31.11.32.207

200 OK

22 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
22 kB (21596 bytes)
Hash
a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 21596

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(1).html

31.11.32.207

200 OK

504 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(1).html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
938be7d50aa827110de3ba6d24f24ceb
499a6b9239bbf79c2363a2ecf3cc405a957b24ec
58092d87121c0af28a0ae8ad3e9afcfb4c50156ca369a9a2dfafc8d516a25d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/saved_resource(1).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "7d207028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 504

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html

31.11.32.207

200 OK

808 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "ef626428c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 808

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
c6c16f927b253ac9bab287ea3a0ee68b
2981ade953eb64174b940c6ed684eb2121bb902f
af726fc743a251120f0fb66ab8654ee29ed702ea3c148f34d47bf0b7b8bc15c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7200

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:42 GMT
expires: Thu, 23 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
age: 520187
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html

31.11.32.207

200 OK

808 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dc2b6328c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 808

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png

31.11.32.207

200 OK

290 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size
290 kB (289564 bytes)
Hash
85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/Institutional-Illustration.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dd346828c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 289564

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
701073ecf49d46fccca16899d7a23165
76848c8f0ae3116470d2d15ffdc5de5ad511cf7b
18ae816fef89bd5c358a1f2842613eb3ea3d0e9f53e7b783bbfff3adca549bad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5022 bytes)
Hash
482a2dfdea19364e246ba7f2a04ba751
49c82e80bed0949307f35921b62cb8a5e34522c9
f0c6137e29cb8b7edf6ef48e95687cc608067108fba3307429d28742868c1a2e

HTTP Headers

GET /public/js.hsforms.net/forms/v2.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5022

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
698d53ae7d05bbfb89697c4430467602
74e5df54e8cec2b1a45e0b26acef4724e9f0e021
e6b5b828369d7be5384d9ebb8c392d441dab2151ff984f778d47f8b008740182

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

31.11.32.207

200 OK

4.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.1 kB (4072 bytes)
Hash
ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 4072

www.aegtecnoservice.it/public/metamask.io/images/webclip.png

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/metamask.io/images/webclip.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
85bf5fec475c3c9f827d60314a457067
307a96a0a7cac42485ba8e7d8498549f0a3dc1f8
257be8a54661b69a3a38999178818ade763deb090b1b020f972d463c0952debc

HTTP Headers

GET /public/metamask.io/images/webclip.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/metamask.io/images/favicon.png

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/metamask.io/images/favicon.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
ae8ec8cfb480b3fd1037d51b93074411
0ed7b6cd89f445d86593d6ca4e0af8dd347b1f2c
45ee03263f945bd0bb2c424237325b4e573a6c553aef46ee1cb658dc8cae1a46

HTTP Headers

GET /public/metamask.io/images/favicon.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/styles__ltr.css

31.11.32.207

200 OK

24 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/styles__ltr.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24390 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 24390

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d064cee448396618dd3b4e91c8ff9bd1
4e32647996abca8dfea7bcfb43b0655a3e597650
62330fac13ae462bab4a742d9aa76d8bb8aa06d3d68b3b49072ce5a2953ba9cd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.hsforms.net/forms-next/shell-recaptcha

104.16.186.65

200 OK

1.1 kB

URL GET HTTP/2
js.hsforms.net/forms-next/shell-recaptcha
IP
104.16.186.65:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1093 bytes)
Hash
b398fe98f83c84b8e686c2169573245a
6b5610c4d51770d21119485a9ac316566aae8b1c
df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 30 May 2023 00:46:30 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 May 2023 08:37:04 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: 1neKgmSIo2kNjbv_9pCs.QkkwsDeI7HB
x-cache: Hit from cloudfront
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: OTf_wRausnXYRESqh_q6ZE4C-yLHsSyx0h5xv9n-Zuk5A-A8NP6qFQ==
age: 2463
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.631/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: cde82109-3ddf-4e85-a810-3b82eb0a7a31
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0t1YUgkrDYWi9NYhp%2B0%2B%2F4HZMQsieVdQwizzoXvJJ%2BEvJUq6cpsviaFbouKZkgMtaUB%2BP3mloNOmfqLK3gzf8quQZULoiGBfnrzGkXszVnO80M7lvqirWjZVyY3LSzC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cf2f5dedf4ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
05a780ff7f545fd7b39736808ecba320
ef8dbe57dc939734042b1752794810e68a740c5d
0c524f782a71460cc98e29c3dcbff8ffa219747707c5c6848459b3d90e0c92d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 00:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
2a542eb63ef92a5dae6be84513dd4b30
b4e2d093e1c154e32a8c7ce437b1abceb6f2ca1a
4040364c384d6943a6edea71fd88f16a1fbf506d9da5c1d8ec727107b7d277e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(2).html

31.11.32.207

200 OK

504 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/saved_resource(2).html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
be8f11582f8b9d35f9b9476b810c0468
59600ce9d68f20be69bbaead09ac058abf650dd2
1898ec2fd073040a6d445e0a662e7fdbccbd59946a629b82c2db1e202665f46d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/saved_resource(2).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "d7e37028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:29 GMT
Content-Length: 504

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 01:44:15 GMT
Expires: Thu, 23 May 2024 01:44:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
Age: 514935

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 10:53:05 GMT
Expires: Thu, 23 May 2024 10:53:05 GMT
Cache-Control: public, max-age=31536000
Age: 482005
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3421
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 446228
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 549108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 431395
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz

216.58.211.4

200 OK

29 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43750)
Size
29 kB (28612 bytes)
Hash
c4fca3c3e5ff569f2e87db0a99cc3e08
ea22441e7150ad90a8dd8cc422b123ca1e6215a4
60bbdf24f1cf43faeca75225df588db7a8b30f89d8f589ce5a6090bcd9a7d6e1

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 May 2023 00:46:30 GMT
content-security-policy: script-src 'nonce-mJhX3fohe7p4uoaAuKNTVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28612
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 3057
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 544499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 529570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9

216.58.211.4

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Tue, 30 May 2023 00:46:31 GMT
date: Tue, 30 May 2023 00:46:31 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=gkiq3lavsvsz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 21:48:58 GMT
expires: Mon, 05 Jun 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 10653
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.211.4

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1159 bytes)
Hash
cb6d7e232657279fd51ef55791ce9317
4cd845aa863e1697f5effdae4590e60e3066e147
466d393ac1b7afe00b5c3e90d2e6c9298ad4c4c81cdfbc798df0b5bbd0f7c96a

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 May 2023 00:46:31 GMT
content-security-policy: script-src 'nonce-PihMbcS6JpZNckepB6QhKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1159
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 3057
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 3422
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.211.4

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (41064)
Size
25 kB (24874 bytes)
Hash
d8cfcb4db953d889c4464cc295a98524
846d9e0c558715dd7784f33d5dd5e3a727948de5
5582bcc9e9ba2c8d2124e0a1f766d2f75dfecdf38d66c747a3a02e528ed255d1

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8053
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 30 May 2023 00:46:31 GMT
expires: Tue, 30 May 2023 00:46:31 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24874
server: GSE
set-cookie: _GRECAPTCHA=09ALyjir-iBbvjlYUMJXNn4K4B6OIIespQ6b5IZdP8UG7LxuJj7_xnh-4GkjRmrgdvxp5DFuRwPIPwIqw3zVcXDGw;Path=/recaptcha;Expires=Sun, 26-Nov-2023 00:46:31 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 544500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 529571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:43 GMT
expires: Thu, 23 May 2024 00:16:43 GMT
cache-control: public, max-age=31536000
age: 520189
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 446230
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 549110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 431397
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/canonical_car.png

142.250.74.35

200 OK

11 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/canonical_car.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11174 bytes)
Hash
a4741c6089e163f0e5c0cdb2c698a03e
03b190c8d9350802cbabbccd2757cff1fb7115f0
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

HTTP Headers

GET /recaptcha/api2/canonical_car.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 11174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 17:48:40 GMT
expires: Sat, 03 Jun 2023 17:48:40 GMT
cache-control: public, max-age=604800
age: 197872
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.211.4

200 OK

43 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
43 kB (42630 bytes)
Hash
a6d97fa590265a6427b32311b090d4b3
ecb2f3a280220ecba2a4223deddb8b2bfb529634
f9ca86fd76f395c59d4259e08cd3e345fdf88d4622311bf240d4e3d902f4b357

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AL8dmw8ZEEAn1akxSCywgDYpgl898p3xJKX84yIEdrd0xt8N4jRuhpJwxg1hn20k7iACyIZibHJJ6CxG0uJQC6Ys69ih3ydNxf3ZiG6XgzmQSs1WXaMhNyMrSkb6wK9baqrPE7fzE_8EJeOnHtkmkUn769aoVqx--vO9UO585UusBzaRjvqHt9zpPDSGiifNM5x5Kw2VUch_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09ALyjir-iBbvjlYUMJXNn4K4B6OIIespQ6b5IZdP8UG7LxuJj7_xnh-4GkjRmrgdvxp5DFuRwPIPwIqw3zVcXDGw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Tue, 30 May 2023 00:46:32 GMT
date: Tue, 30 May 2023 00:46:32 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 42630
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html

31.11.32.207

200 OK

22 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/anchor.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
22 kB (21596 bytes)
Hash
a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:42 GMT
Content-Length: 21596

www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html

31.11.32.207

200 OK

4.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/meta/bframe.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.1 kB (4072 bytes)
Hash
ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/buchershoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Tue, 30 May 2023 00:46:42 GMT
Content-Length: 4072

fonts.googleapis.com/icon?family=Material+Icons

216.58.207.202

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
http://www.aegtecnoservice.it/public/buchershoerling2023/metahbcha/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 May 2023 00:46:29 GMT
date: Tue, 30 May 2023 00:46:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

216.58.211.4

200 OK

1.0 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
c6a470d89578d96acbdd17d345d39bee
2563ad170e69126f93e515d135b426409fac6742
8bf15792d415efa969e9fa7b62a9478cfae10992b46935822398bd4f1e785212

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Tue, 30 May 2023 00:46:30 GMT
date: Tue, 30 May 2023 00:46:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML