Report - www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

Report Overview

Submitted URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
IP
31.11.32.207
ASN
#31034 Aruba S.p.A.
Submitted
2023-05-27 18:32:01
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
28
Network Intrusion Detection
17
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.aegtecnoservice.it	unknown	2010-04-23	2017-04-02	2023-05-23	49 kB	1.6 MB	31.11.32.207
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-27	2.0 kB	4.2 kB	142.250.74.131
www.google.com	7	1997-09-15	2015-05-10	2023-05-26	6.2 kB	126 kB	142.250.74.132
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-27	6.1 kB	308 kB	142.250.74.35
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-27	9.6 kB	1.1 MB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-27 18:31:42	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:43	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
2023-05-27 18:31:43	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
2023-05-27 18:31:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:43	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:53	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:56	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:56	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:56	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:56	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:56	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
2023-05-27 18:31:56	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:57	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:57	high	31.11.32.207	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-05-27 18:31:57	medium	31.11.32.207	Client IP	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js	417 kB	2023-05-25	2023-12-01
Pretty URL www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 23:34:05 Last Seen2023-12-01 20:53:29 Times Seen14311 Hash 95a32a4d8f8be968bc15d6ab9b9491d1 fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015 a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981 Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	0 B	2023-03-07	2024-04-24
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 18:35:23 Times Seen37043456 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js	3.4 kB	2023-03-07	2024-04-02
Pretty URL www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-02 06:38:24 Times Seen660 Hash 5acfeead7d13511cdef767305b87e3f8 ec5337e62f1e64d3aaba3bf41a41b5f876964922 b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe	75 B	2023-03-07	2024-04-24
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-24 17:29:51 Times Seen10343 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html	73 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:43 Last Seen2024-04-06 20:09:38 Times Seen403 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html	181 B	2023-03-07	2024-04-24
Pretty URL www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-24 18:21:17 Times Seen3751 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html	164 B	2023-03-07	2024-04-06
Pretty URL www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html IP 31.11.32.207 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:09:39 Times Seen296 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

		Size	First Seen	Last Seen
	#1 Eval - a22551da44a8c8bc4528a1267bd061c5	16 kB	2023-05-12	2023-06-06
Pretty Observations First Seen2023-05-12 15:26:01 Last Seen2023-06-06 20:40:18 Times Seen1232 Hash a22551da44a8c8bc4528a1267bd061c5 0b0bb44b22a2a9f86d3a98795ee3ff65ae21c76a efc13034de353fde6d5f180ffdfecb577cdacdf360638a517c39a2472e6282f0 Loading...

	#2 Eval - c132ca45091927dff450de5aa557cf50	62 B	2023-05-12	2023-06-06
Pretty Observations First Seen2023-05-12 15:26:01 Last Seen2023-06-06 20:40:18 Times Seen1233 Hash c132ca45091927dff450de5aa557cf50 3a3a73c2e9299df446b351bef21e6729b92e65ce a1f1259856b75f148b11a758fa8547958ef2c3135e1a6fcb4d8aa3534e8894f3 Loading...

	#3 Eval - bdc82b7cdb64ce4b14318cfef3d18425	23 kB	2023-05-27	2023-05-27
Pretty Observations First Seen2023-05-27 20:32:08 Last Seen2023-05-27 20:32:08 Times Seen1 Hash bdc82b7cdb64ce4b14318cfef3d18425 643c84eae216ecb39df16a91a9b8355ccfd9e4fb e2d2b90f12d6f1a1201a953bcdf1dcea81219e83072014356ea38813faa15872 Loading...

	#4 Eval - 15735e0935185388b9abeba99b550bc4	22 B	2023-05-12	2023-06-06
Pretty Observations First Seen2023-05-12 15:26:01 Last Seen2023-06-06 20:40:18 Times Seen1233 Hash 15735e0935185388b9abeba99b550bc4 8a31d19f8b305cc918a71dee8ecb041f18bfe8b7 cd4c5721fed71f7ad0c5fd6328ac85b06bdff22b15d18ca869dfd66a984ae5c9 Loading...

	#5 Eval - 1555ae9194f6f4477cd5de855bd9095c	18 kB	2023-05-27	2023-05-27
Pretty Observations First Seen2023-05-27 20:32:08 Last Seen2023-05-27 20:32:08 Times Seen1 Hash 1555ae9194f6f4477cd5de855bd9095c 0b06ad2221a6bb2d41c9db0687d1ccae9fcc01f3 0d7eebbc4039b3f9767b4846cbb888d46636cb350481c027356ef5962f919b8a Loading...

	#6 Eval - e9531d6920e6fd13856da542550dbfbf	19 kB	2023-05-27	2023-05-27
Pretty Observations First Seen2023-05-27 20:32:08 Last Seen2023-05-27 20:32:08 Times Seen1 Hash e9531d6920e6fd13856da542550dbfbf d610c084a9b2de05e2d3ec106918377a0c2c7a5e a9190e553493153cbae14823898f466f32e690152f967956e8df981ab46f5238 Loading...

	#7 Eval - 187adb5dc8a1a7d09dd085de81cc4db9	22 B	2023-05-12	2023-06-06
Pretty Observations First Seen2023-05-12 15:26:01 Last Seen2023-06-06 20:40:18 Times Seen1232 Hash 187adb5dc8a1a7d09dd085de81cc4db9 4f15d872942f476787edcd0eb41178e74c4b8d02 6417c45b4bfef26d5337b405143adf32a7980631a55850f5403993fa46b0de43 Loading...

HTTP Transactions (145)

URL IP Response Size

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

31.11.32.207

200 OK

19 kB

URL User Request GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
19 kB (18840 bytes)
Hash
1eff29ae6c0ddc802135166f9d1d0134
2135d7712a2c7e78fb73d24510b5d506e798e4ba
29e1fdc8f1b4e05bdd4bbc8964ab785a464a206471fc0da992f5e7ad188fc336

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/ HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24; path=/
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 18840

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js

31.11.32.207

200 OK

312 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
ASCII text
Size
312 B (312 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/plx.chock.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 312

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/normalize.css

31.11.32.207

2.7 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/normalize.css
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
2.7 kB (2668 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/normalize.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 2668

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
3c16975c96dbb4470dcad4fde8958421
d1a131652b0163cc4828ae7f8a133dc7298605ab
58e5496a0618e596e43e9bb6c67d1eab75320b84189f8751f64925b88d8a553b

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7160

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html

31.11.32.207

200 OK

684 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 684

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.css

31.11.32.207

200 OK

9.3 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.3 kB (9297 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 9297

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
e523cba5425c77899f756fa5fb6067fe
ee621f1d5b37ceb73738bf5638f7e0cb5f30f3f8
11f97a679a9937fc465de43d6574bc9b6bff5660af4255fa500d608b11af27bb

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

7.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7126 bytes)
Hash
2bb894355f05cfccbf9367142d458149
9d0f2ff52c470d1290cb57a7cfb6d4ba89b5f243
083e56f720d501a26fe969197a1b7e14c4beaea58c58fe3cbdcd52cdfae506c9

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7126

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css

31.11.32.207

18 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
18 kB (17472 bytes)
Hash
d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 17472

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
cdd80ae78db18f48bdf24f98170fc3af
e5089edb0bc8f2339daf72ddc9aff261748dc1cc
5f8872796804d2a67fadd43934676729f17d0f9a877e19bfc6084c482c5907dc

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
6392aa7049d2a286666c5256736bac36
259fe46822b47380d37314b1ffc8b9f5ed7f6daa
1dc3ce5ad8fe320353bb24adb7059963b2feaee204756c7978cc76381f623a6e

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp

31.11.32.207

7.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7132 bytes)
Hash
be177fcae9091c887ceae95d03c2b808
ae350fcd51bf9778cc6f032d76fc15675555bfe1
7ae93d4e48a47473d97442e20eead695af65b582b16a26e7a1668f1924888db4

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7132

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
b3aaa3ba86932289e90d001d016c942f
344c66f894ace2af2fce6cf77d45a4cf44173c3d
1388ce22898d6094292360c23715d97833cb6c05c8fef876478c7f94532c4fe7

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
36a557cf422dfa462fa5263928ad8bb7
41d707e4ca36a7f4301cc946c25606f04ac8b228
4533bf2f34f3d5647119a1b41ae61803ba685167e16f1893a014b54f33dba987

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7200

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
cd063ade010929de81122b354a757823
6d1c3b630e05d3dcef01d95bb67a00fc2aa7be4e
47736eff39aae5147f98e8288b279268c99fc4a823ad72559610676f09721c5d

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
5159f01004992db50803af43c134d3e0
9d4f79a47a57df73c3350e1bab52db3fb07020f3
b10634ae276f870e59eed2de323f197ff7d0bb32b4104be9c10a66528f288a7f

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/mm-logo.svg

31.11.32.207

12 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/mm-logo.svg
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/mm-logo.svg HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "8d686b28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 12019

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/wpp.gif

31.11.32.207

3.9 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/wpp.gif
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
GIF image data, version 87a, 470 x 40\012- data
Size
3.9 kB (3877 bytes)
Hash
941648b845842a709da73e24652cf8a4
099e5f97e602d026c51537c9b45328dc99261d7c
2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/wpp.gif HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "2dd37828c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:41 GMT
Content-Length: 3877

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
3c16975c96dbb4470dcad4fde8958421
d1a131652b0163cc4828ae7f8a133dc7298605ab
58e5496a0618e596e43e9bb6c67d1eab75320b84189f8751f64925b88d8a553b

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
e523cba5425c77899f756fa5fb6067fe
ee621f1d5b37ceb73738bf5638f7e0cb5f30f3f8
11f97a679a9937fc465de43d6574bc9b6bff5660af4255fa500d608b11af27bb

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html

31.11.32.207

200 OK

684 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 684

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

7.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7126 bytes)
Hash
2bb894355f05cfccbf9367142d458149
9d0f2ff52c470d1290cb57a7cfb6d4ba89b5f243
083e56f720d501a26fe969197a1b7e14c4beaea58c58fe3cbdcd52cdfae506c9

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7126

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
cdd80ae78db18f48bdf24f98170fc3af
e5089edb0bc8f2339daf72ddc9aff261748dc1cc
5f8872796804d2a67fadd43934676729f17d0f9a877e19bfc6084c482c5907dc

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
6392aa7049d2a286666c5256736bac36
259fe46822b47380d37314b1ffc8b9f5ed7f6daa
1dc3ce5ad8fe320353bb24adb7059963b2feaee204756c7978cc76381f623a6e

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp

31.11.32.207

7.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7132 bytes)
Hash
be177fcae9091c887ceae95d03c2b808
ae350fcd51bf9778cc6f032d76fc15675555bfe1
7ae93d4e48a47473d97442e20eead695af65b582b16a26e7a1668f1924888db4

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7132

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
b3aaa3ba86932289e90d001d016c942f
344c66f894ace2af2fce6cf77d45a4cf44173c3d
1388ce22898d6094292360c23715d97833cb6c05c8fef876478c7f94532c4fe7

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7192 bytes)
Hash
1d602f2836ac8ff9283b4aa3f4ff8410
17c3a47d7414b62edbdc3f1c3aced18b39a2bc37
0e79de646b73d3f2f98851d6939992cd5b0acdd44df7ab3c0e9424b93895736c

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7192

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7186 bytes)
Hash
1037284858ca3c43240d3228eb38cb86
5a378f49d690f647d23abb6502455f9c3cdf3f16
3c086b8fba3aae145fbad1ad39cc696cd099136a025ce578aba53a53032f5098

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7186

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html

31.11.32.207

200 OK

10 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
10 kB (10242 bytes)
Hash
de4ff6118374a4bdddaeafc4da59b95e
22c2418e29e43fead20844c0f7009372607acb0b
724ea951d695f615e5c02d58973836560baef3341aa9eddc05824f82809e7834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 10242

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html

31.11.32.207

504 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
938be7d50aa827110de3ba6d24f24ceb
499a6b9239bbf79c2363a2ecf3cc405a957b24ec
58092d87121c0af28a0ae8ad3e9afcfb4c50156ca369a9a2dfafc8d516a25d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "7d207028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 504

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
36a557cf422dfa462fa5263928ad8bb7
41d707e4ca36a7f4301cc946c25606f04ac8b228
4533bf2f34f3d5647119a1b41ae61803ba685167e16f1893a014b54f33dba987

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7200

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html

31.11.32.207

808 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "ef626428c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 808

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html

31.11.32.207

808 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dc2b6328c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 808

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

31.11.32.207

22 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
22 kB (21596 bytes)
Hash
a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 21596

www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5022 bytes)
Hash
482a2dfdea19364e246ba7f2a04ba751
49c82e80bed0949307f35921b62cb8a5e34522c9
f0c6137e29cb8b7edf6ef48e95687cc608067108fba3307429d28742868c1a2e

HTTP Headers

GET /public/js.hsforms.net/forms/v2.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 5022

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css

31.11.32.207

200 OK

24 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24390 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 24390

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
cd063ade010929de81122b354a757823
6d1c3b630e05d3dcef01d95bb67a00fc2aa7be4e
47736eff39aae5147f98e8288b279268c99fc4a823ad72559610676f09721c5d

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/hero2.4.png

31.11.32.207

200 OK

590 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/hero2.4.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/hero2.4.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c9fb6628c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 589568

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
5159f01004992db50803af43c134d3e0
9d4f79a47a57df73c3350e1bab52db3fb07020f3
b10634ae276f870e59eed2de323f197ff7d0bb32b4104be9c10a66528f288a7f

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

31.11.32.207

4.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.1 kB (4072 bytes)
Hash
ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 4072

www.aegtecnoservice.it/public/metamask.io/images/webclip.png

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/metamask.io/images/webclip.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
85bf5fec475c3c9f827d60314a457067
307a96a0a7cac42485ba8e7d8498549f0a3dc1f8
257be8a54661b69a3a38999178818ade763deb090b1b020f972d463c0952debc

HTTP Headers

GET /public/metamask.io/images/webclip.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/metamask.io/images/favicon.png

31.11.32.207

5.0 kB

URL
www.aegtecnoservice.it/public/metamask.io/images/favicon.png
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
ae8ec8cfb480b3fd1037d51b93074411
0ed7b6cd89f445d86593d6ca4e0af8dd347b1f2c
45ee03263f945bd0bb2c424237325b4e573a6c553aef46ee1cb658dc8cae1a46

HTTP Headers

GET /public/metamask.io/images/favicon.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html

31.11.32.207

504 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
be8f11582f8b9d35f9b9476b810c0468
59600ce9d68f20be69bbaead09ac058abf650dd2
1898ec2fd073040a6d445e0a662e7fdbccbd59946a629b82c2db1e202665f46d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "d7e37028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 504

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css

31.11.32.207

200 OK

24 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24390 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 24390

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7172

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796f803977abb7a530f42b340c27aa4
a2ee05a2152661894f6abaed4cf23ecf51dd6b7f
e99b23817c80730463e4a9d35dcb0627e9c702ef575e0592313db9d648db7a5e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.132

614 B

URL
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
c6a470d89578d96acbdd17d345d39bee
2563ad170e69126f93e515d135b426409fac6742
8bf15792d415efa969e9fa7b62a9478cfae10992b46935822398bd4f1e785212

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Sat, 27 May 2023 18:31:44 GMT
date: Sat, 27 May 2023 18:31:44 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:42 GMT
Content-Length: 7172

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0d8c522376f9142e51e824edd98e58a7
d43799c84f65ad12b94ac35a4cab08d7eb788741
36915e19659d8c250b3d74fc5705a9d358f95affdbf65ce97d7672883f4071a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 01:44:15 GMT
Expires: Thu, 23 May 2024 01:44:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
Age: 319649

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 10:53:05 GMT
Expires: Thu, 23 May 2024 10:53:05 GMT
Cache-Control: public, max-age=31536000
Age: 286719
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

600 B

URL
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 250942
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

665 B

URL
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 236109
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

530 B

URL
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 353822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 18:31:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe

142.250.74.132

200 OK

28 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43555)
Size
28 kB (28358 bytes)
Hash
b64686c436299320ed51ffccdb771627
def9a0445506494d4161d3cddca09930684d9c75
a2e427695b87596f8ef72ecd4ca0afa9bc634d85bfaaf075c223a743cb546029

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 18:31:44 GMT
content-security-policy: script-src 'nonce-g0MAt3dv1Qrq2O42VRQZqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28358
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

142.250.74.35

25 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:55:34 GMT
expires: Tue, 21 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
age: 412570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 349212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 334283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9

142.250.74.132

112 B

URL
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=ukn6ijrm5pxe
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 27 May 2023 18:31:44 GMT
date: Sat, 27 May 2023 18:31:44 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

2.2 kB

URL
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 21:48:58 GMT
expires: Mon, 29 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 420166
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1158 bytes)
Hash
86cda92c7827c2f85edf88e3000c6f5a
b249bab578954cacbad3c1ad65428958580d5b8e
3903e2123c7c48b5f9c6f36147d384af1226a50e3c76c638fa392684a16a3042

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 18:31:44 GMT
content-security-policy: script-src 'nonce-F8sN7dg8EDzD0Q-sLZD4qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1158
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

142.250.74.35

25 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:55:34 GMT
expires: Tue, 21 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
age: 412571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

26 kB

URL
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (42398)
Size
26 kB (25709 bytes)
Hash
022249eeac63116968b4ddc1ec1e2ab7
c2e6cd2c9e5abd0435d451443fc331a7eea5906a
903a35db5714881217a37b48e5e5c8718659debfdf8782897da0ebd691940b5e

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6332
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 27 May 2023 18:31:45 GMT
expires: Sat, 27 May 2023 18:31:45 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 25709
server: GSE
set-cookie: _GRECAPTCHA=09ALyjir9dpuyyLY3xolF6-1lWorfGD63AEGIxXtis6DVV304DO_Oy0MXcBeEobjjgSA3PFKJPocwSYiFqGtSwsJ0;Path=/recaptcha;Expires=Thu, 23-Nov-2023 18:31:45 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 349213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 334284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:43 GMT
expires: Thu, 23 May 2024 00:16:43 GMT
cache-control: public, max-age=31536000
age: 324902
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

600 B

URL
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 250943
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

530 B

URL
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 353823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

665 B

URL
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 236110
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AL8dmw88DJzfTd-Of4CSWxMX6Dl1a9M48gZ9_DDb954Ei8ddGsNdiK-aWoXMB2HjqMZNZOMkeV0el2dDCfvGRsly9plk9zilrHvVMkd48Gj11a4GUnEUNawVj12MUzevxqfaOo577CtfpBR3-cIxdG1YIO2JYfxzy-3BUS6-w1l9X9Anfw04wLR8f0oHZ4JQ8o_2VhP45fh-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

35 kB

URL
www.google.com/recaptcha/enterprise/payload?p=06AL8dmw88DJzfTd-Of4CSWxMX6Dl1a9M48gZ9_DDb954Ei8ddGsNdiK-aWoXMB2HjqMZNZOMkeV0el2dDCfvGRsly9plk9zilrHvVMkd48Gj11a4GUnEUNawVj12MUzevxqfaOo577CtfpBR3-cIxdG1YIO2JYfxzy-3BUS6-w1l9X9Anfw04wLR8f0oHZ4JQ8o_2VhP45fh-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
35 kB (35416 bytes)
Hash
904eb6b0bf3ad378cc1f3b749147a0a5
5da90d05b5fd7e7519573f5c1100a7ed575356ac
12a82bcae1510d2b493419b6aa2378df8133e9fad84ca899e878c19eafd67c52

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AL8dmw88DJzfTd-Of4CSWxMX6Dl1a9M48gZ9_DDb954Ei8ddGsNdiK-aWoXMB2HjqMZNZOMkeV0el2dDCfvGRsly9plk9zilrHvVMkd48Gj11a4GUnEUNawVj12MUzevxqfaOo577CtfpBR3-cIxdG1YIO2JYfxzy-3BUS6-w1l9X9Anfw04wLR8f0oHZ4JQ8o_2VhP45fh-&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09ALyjir9dpuyyLY3xolF6-1lWorfGD63AEGIxXtis6DVV304DO_Oy0MXcBeEobjjgSA3PFKJPocwSYiFqGtSwsJ0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 27 May 2023 18:31:45 GMT
date: Sat, 27 May 2023 18:31:45 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 35416
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html

31.11.32.207

5.9 kB

URL User Request GET
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1843)
Size
5.9 kB (5878 bytes)
Hash
f8c7935b5ca77e488dc69ae93e204204
27a7866f4a348e062cedceb1dd76b4090d7faa43
c3533d2dd48df4286579a299033014698b239b1f89e2491c923fb2af7b37ee42

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/secure.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 5878

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/normalize.css

31.11.32.207

2.7 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/normalize.css
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
2.7 kB (2668 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/normalize.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 2668

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js

31.11.32.207

200 OK

312 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/plx.chock.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
ASCII text
Size
312 B (312 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/plx.chock.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 312

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
e523cba5425c77899f756fa5fb6067fe
ee621f1d5b37ceb73738bf5638f7e0cb5f30f3f8
11f97a679a9937fc465de43d6574bc9b6bff5660af4255fa500d608b11af27bb

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css

31.11.32.207

18 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text
Size
18 kB (17472 bytes)
Hash
d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 17472

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.css

31.11.32.207

200 OK

9.3 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.3 kB (9297 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 9297

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webfont.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
3c16975c96dbb4470dcad4fde8958421
d1a131652b0163cc4828ae7f8a133dc7298605ab
58e5496a0618e596e43e9bb6c67d1eab75320b84189f8751f64925b88d8a553b

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webfont.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html

31.11.32.207

200 OK

684 B

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/css.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/css.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "c195f28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 684

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

7.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7126 bytes)
Hash
2bb894355f05cfccbf9367142d458149
9d0f2ff52c470d1290cb57a7cfb6d4ba89b5f243
083e56f720d501a26fe969197a1b7e14c4beaea58c58fe3cbdcd52cdfae506c9

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7126

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
cdd80ae78db18f48bdf24f98170fc3af
e5089edb0bc8f2339daf72ddc9aff261748dc1cc
5f8872796804d2a67fadd43934676729f17d0f9a877e19bfc6084c482c5907dc

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
6392aa7049d2a286666c5256736bac36
259fe46822b47380d37314b1ffc8b9f5ed7f6daa
1dc3ce5ad8fe320353bb24adb7059963b2feaee204756c7978cc76381f623a6e

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp

31.11.32.207

7.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7132 bytes)
Hash
be177fcae9091c887ceae95d03c2b808
ae350fcd51bf9778cc6f032d76fc15675555bfe1
7ae93d4e48a47473d97442e20eead695af65b582b16a26e7a1668f1924888db4

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7132

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
36a557cf422dfa462fa5263928ad8bb7
41d707e4ca36a7f4301cc946c25606f04ac8b228
4533bf2f34f3d5647119a1b41ae61803ba685167e16f1893a014b54f33dba987

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7200

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
b3aaa3ba86932289e90d001d016c942f
344c66f894ace2af2fce6cf77d45a4cf44173c3d
1388ce22898d6094292360c23715d97833cb6c05c8fef876478c7f94532c4fe7

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
cd063ade010929de81122b354a757823
6d1c3b630e05d3dcef01d95bb67a00fc2aa7be4e
47736eff39aae5147f98e8288b279268c99fc4a823ad72559610676f09721c5d

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
5159f01004992db50803af43c134d3e0
9d4f79a47a57df73c3350e1bab52db3fb07020f3
b10634ae276f870e59eed2de323f197ff7d0bb32b4104be9c10a66528f288a7f

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/analytics.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7164 bytes)
Hash
e523cba5425c77899f756fa5fb6067fe
ee621f1d5b37ceb73738bf5638f7e0cb5f30f3f8
11f97a679a9937fc465de43d6574bc9b6bff5660af4255fa500d608b11af27bb

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/analytics.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7164

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js

31.11.32.207

404 Not Found

7.1 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7126 bytes)
Hash
2bb894355f05cfccbf9367142d458149
9d0f2ff52c470d1290cb57a7cfb6d4ba89b5f243
083e56f720d501a26fe969197a1b7e14c4beaea58c58fe3cbdcd52cdfae506c9

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7126

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/tag.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7152 bytes)
Hash
cdd80ae78db18f48bdf24f98170fc3af
e5089edb0bc8f2339daf72ddc9aff261748dc1cc
5f8872796804d2a67fadd43934676729f17d0f9a877e19bfc6084c482c5907dc

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/tag.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7152

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/enterprise.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7166 bytes)
Hash
6392aa7049d2a286666c5256736bac36
259fe46822b47380d37314b1ffc8b9f5ed7f6daa
1dc3ce5ad8fe320353bb24adb7059963b2feaee204756c7978cc76381f623a6e

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/enterprise.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7166

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp

31.11.32.207

7.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jsonp
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.1 kB (7132 bytes)
Hash
be177fcae9091c887ceae95d03c2b808
ae350fcd51bf9778cc6f032d76fc15675555bfe1
7ae93d4e48a47473d97442e20eead695af65b582b16a26e7a1668f1924888db4

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jsonp HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7132

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

31.11.32.207

4.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.1 kB (4072 bytes)
Hash
ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 4072

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.35

128 kB

URL
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:42 GMT
expires: Thu, 23 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
age: 324914
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/mm-logo.svg

31.11.32.207

12 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/mm-logo.svg
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/mm-logo.svg HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "8d686b28c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 12019

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/v2.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7150 bytes)
Hash
b3aaa3ba86932289e90d001d016c942f
344c66f894ace2af2fce6cf77d45a4cf44173c3d
1388ce22898d6094292360c23715d97833cb6c05c8fef876478c7f94532c4fe7

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/v2.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7150

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7192 bytes)
Hash
1d602f2836ac8ff9283b4aa3f4ff8410
17c3a47d7414b62edbdc3f1c3aced18b39a2bc37
0e79de646b73d3f2f98851d6939992cd5b0acdd44df7ab3c0e9424b93895736c

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7192

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7186 bytes)
Hash
1037284858ca3c43240d3228eb38cb86
5a378f49d690f647d23abb6502455f9c3cdf3f16
3c086b8fba3aae145fbad1ad39cc696cd099136a025ce578aba53a53032f5098

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7186

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/Institutional-Illustration.png

31.11.32.207

290 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/Institutional-Illustration.png
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size
290 kB (289564 bytes)
Hash
85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/Institutional-Illustration.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dd346828c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 289564

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html

31.11.32.207

200 OK

10 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
10 kB (10242 bytes)
Hash
de4ff6118374a4bdddaeafc4da59b95e
22c2418e29e43fead20844c0f7009372607acb0b
724ea951d695f615e5c02d58973836560baef3341aa9eddc05824f82809e7834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 10242

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

31.11.32.207

22 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
22 kB (21596 bytes)
Hash
a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/anchor.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 21596

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html

31.11.32.207

504 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
938be7d50aa827110de3ba6d24f24ceb
499a6b9239bbf79c2363a2ecf3cc405a957b24ec
58092d87121c0af28a0ae8ad3e9afcfb4c50156ca369a9a2dfafc8d516a25d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource(1).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "7d207028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 504

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7200 bytes)
Hash
36a557cf422dfa462fa5263928ad8bb7
41d707e4ca36a7f4301cc946c25606f04ac8b228
4533bf2f34f3d5647119a1b41ae61803ba685167e16f1893a014b54f33dba987

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7200

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html

31.11.32.207

808 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Regular-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "ef626428c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 808

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html

31.11.32.207

808 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
suricata	medium	ETPRO HUNTING HTTP 200 Stat Code with 404 in Body

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/EuclidCircularB-Bold-WebXL.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "dc2b6328c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 808

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/webflow.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7160 bytes)
Hash
cd063ade010929de81122b354a757823
6d1c3b630e05d3dcef01d95bb67a00fc2aa7be4e
47736eff39aae5147f98e8288b279268c99fc4a823ad72559610676f09721c5d

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/webflow.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7160

www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/js.hsforms.net/forms/v2.js
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5022 bytes)
Hash
482a2dfdea19364e246ba7f2a04ba751
49c82e80bed0949307f35921b62cb8a5e34522c9
f0c6137e29cb8b7edf6ef48e95687cc608067108fba3307429d28742868c1a2e

HTTP Headers

GET /public/js.hsforms.net/forms/v2.js HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 5022

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css

31.11.32.207

200 OK

24 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24390 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 24390

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download

31.11.32.207

7.2 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7182 bytes)
Hash
5159f01004992db50803af43c134d3e0
9d4f79a47a57df73c3350e1bab52db3fb07020f3
b10634ae276f870e59eed2de323f197ff7d0bb32b4104be9c10a66528f288a7f

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/storage.secure.min.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7182

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:55 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

31.11.32.207

4.1 kB

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.1 kB (4072 bytes)
Hash
ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/bframe.html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 4072

www.aegtecnoservice.it/public/metamask.io/images/webclip.png

31.11.32.207

404 Not Found

5.0 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/metamask.io/images/webclip.png
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
85bf5fec475c3c9f827d60314a457067
307a96a0a7cac42485ba8e7d8498549f0a3dc1f8
257be8a54661b69a3a38999178818ade763deb090b1b020f972d463c0952debc

HTTP Headers

GET /public/metamask.io/images/webclip.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/metamask.io/images/favicon.png

31.11.32.207

5.0 kB

URL
www.aegtecnoservice.it/public/metamask.io/images/favicon.png
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Size
5.0 kB (5030 bytes)
Hash
ae8ec8cfb480b3fd1037d51b93074411
0ed7b6cd89f445d86593d6ca4e0af8dd347b1f2c
45ee03263f945bd0bb2c424237325b4e573a6c553aef46ee1cb658dc8cae1a46

HTTP Headers

GET /public/metamask.io/images/favicon.png HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/secure.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 5030

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html

31.11.32.207

504 B

URL
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html
IP
31.11.32.207:0
ASN
#31034 Aruba S.p.A.

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
504 B (504 bytes)
Hash
be8f11582f8b9d35f9b9476b810c0468
59600ce9d68f20be69bbaead09ac058abf650dd2
1898ec2fd073040a6d445e0a662e7fdbccbd59946a629b82c2db1e202665f46d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/saved_resource(2).html HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "d7e37028c390d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 504

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css

31.11.32.207

200 OK

24 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/styles__ltr.css
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24390 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/styles__ltr.css HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 17:46:25 GMT
Accept-Ranges: bytes
ETag: "80ae1a28c390d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 24390

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 7172

www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download

31.11.32.207

404 Not Found

7.2 kB

URL GET HTTP/1.1
www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download
IP
31.11.32.207:80
ASN
#31034 Aruba S.p.A.

Requested by
http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/anchor.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Size
7.2 kB (7172 bytes)
Hash
50bf0ae9f79c3d4d660b13bb4cbcb9e7
8978316533d5ee6d7f3bfaa046a3ddc497706d68
4f73f852bbe19066a2f6de41cdfe301c5585da7fde1deefddcbc9211bd4fef80

HTTP Headers

GET /public/BucherShoerling2023/metahbcha/meta/recaptcha__nl.js.download HTTP/1.1
Host: www.aegtecnoservice.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/public/BucherShoerling2023/metahbcha/meta/bframe.html
Cookie: PHPSESSID=uptmplci2leet30a6genh0fg24
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 27 May 2023 18:31:56 GMT
Content-Length: 7172

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 01:44:15 GMT
Expires: Thu, 23 May 2024 01:44:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
Age: 319662

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.aegtecnoservice.it
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 May 2023 10:53:05 GMT
Expires: Thu, 23 May 2024 10:53:05 GMT
Cache-Control: public, max-age=31536000
Age: 286732
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

600 B

URL
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 20:49:22 GMT
expires: Wed, 31 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 250955
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

665 B

URL
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 00:56:35 GMT
expires: Thu, 01 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 236122
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

530 B

URL
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.aegtecnoservice.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 16:14:42 GMT
expires: Tue, 30 May 2023 16:14:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 353835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.132

614 B

URL
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
c6a470d89578d96acbdd17d345d39bee
2563ad170e69126f93e515d135b426409fac6742
8bf15792d415efa969e9fa7b62a9478cfae10992b46935822398bd4f1e785212

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09ALyjir9dpuyyLY3xolF6-1lWorfGD63AEGIxXtis6DVV304DO_Oy0MXcBeEobjjgSA3PFKJPocwSYiFqGtSwsJ0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 27 May 2023 18:31:57 GMT
date: Sat, 27 May 2023 18:31:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.132

28 kB

URL
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=qfe4vynwnmpj
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43423)
Size
28 kB (28297 bytes)
Hash
803b7d55fd4dc83b34d2146d152caec9
7c65f1672c386b7f2f6c6dea270ac6a224111898
0157b26ca1597247d4ec69a7c475d49753322911fb217766a15c214cc60c5885

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=qfe4vynwnmpj HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09ALyjir9dpuyyLY3xolF6-1lWorfGD63AEGIxXtis6DVV304DO_Oy0MXcBeEobjjgSA3PFKJPocwSYiFqGtSwsJ0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 18:31:57 GMT
content-security-policy: script-src 'nonce-soV-unUls_jVf8JJaIu_yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28297
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

142.250.74.35

25 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:55:34 GMT
expires: Tue, 21 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
age: 412583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

142.250.74.35

166 kB

URL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (660)
Size
166 kB (166449 bytes)
Hash
95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

HTTP Headers

GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 412948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 349226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 334297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9

142.250.74.132

112 B

URL
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&badge=inline&cb=qfe4vynwnmpj
Cookie: _GRECAPTCHA=09ALyjir9dpuyyLY3xolF6-1lWorfGD63AEGIxXtis6DVV304DO_Oy0MXcBeEobjjgSA3PFKJPocwSYiFqGtSwsJ0
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 27 May 2023 18:31:58 GMT
date: Sat, 27 May 2023 18:31:58 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

2.2 kB

URL
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 21:48:58 GMT
expires: Mon, 29 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 420180
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations