acquavitruvio.com/verify
301 Moved Permanently 178 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
Analyzer Verdict Alert openphish Metrobank Philippines
fortinet Phishing
GET /verify HTTP/1.1
Host: acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://acquavitruvio.com/verify/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXuFNBXk2i%2FBpVyC2K8MvSFcy%2FVWQJqsaLqf2W9qGhKKSB%2BlYkkNEndnvwmIgWw%2BO83J31Jw6Vt3flBgqXPmqIIuchuRfeW3MxKy6JFgIcl4SUdi882md5qt%2FJjwuBEFrZrFrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7918bc0b28bffac0-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Mon, 30 Jan 2023 08:50:15 GMT
Date: Mon, 30 Jan 2023 08:11:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16395
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 08:11:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 07:35:42 GMT
content-type: application/json
age: 2120
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11415
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 08:11:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lKpzc7Nk2Wnuo08K7fltKH7oRYA1S+iQNhRAzEB0uSKQU8Hh16aqYSQa5APCEInqHn1SoV5nIxQ=
x-amz-request-id: S5RZEKR627THW0F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 07:50:39 GMT
age: 1223
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
acquavitruvio.com/verify/
200 OK 22 kB URL HTTP/1.1 acquavitruvio.com/verify/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4349), with CRLF line terminators
Hash bdb13ebe5b076bc3d1670c2db7cd0087
33cdbbff24cf0594f827c4779ea8d20e316a0cb0
aa9a7d89f2114fde325e88c19da36e3e0d78b56900ec9d943be4809028134d65
Analyzer Verdict Alert fortinet Phishing
GET /verify/ HTTP/1.1
Host: acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBxzYsP82k%2BhizLv4ru211cHh4QBWr1%2FMKx%2BsnNF3%2FH1pWUYF%2Bl6eAdvmh6ZzK1psrq0b%2BAf14kTXM5QFs5AAH0d0Yyj52tnJylQ4Y5DBHOKxJRJJfw0yr%2FubIdaAwOvm4%2F5sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7918bc0d2a43fac0-OSL
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 08:11:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/rootr3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP
Hash 0039b0e3785d0d2da98923ad212ea919
ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d
77ca6e00bab7821cd8b6931a70a767c75be3ff629d829edbe34949b86e3444ae
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:18:13 GMT
ETag: "ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d"
Last-Modified: Mon, 30 Jan 2023 06:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1211
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0f6db71bfe-OSL
ocsp2.globalsign.com/rootr3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP
Hash 0039b0e3785d0d2da98923ad212ea919
ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d
77ca6e00bab7821cd8b6931a70a767c75be3ff629d829edbe34949b86e3444ae
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:18:13 GMT
ETag: "ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d"
Last-Modified: Mon, 30 Jan 2023 06:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1211
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0f6c30b4f9-OSL
ocsp2.globalsign.com/rootr3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP
Hash 0039b0e3785d0d2da98923ad212ea919
ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d
77ca6e00bab7821cd8b6931a70a767c75be3ff629d829edbe34949b86e3444ae
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:18:13 GMT
ETag: "ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d"
Last-Modified: Mon, 30 Jan 2023 06:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1211
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0f6d09b4f1-OSL
ocsp2.globalsign.com/rootr3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP
Hash 0039b0e3785d0d2da98923ad212ea919
ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d
77ca6e00bab7821cd8b6931a70a767c75be3ff629d829edbe34949b86e3444ae
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:18:13 GMT
ETag: "ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d"
Last-Modified: Mon, 30 Jan 2023 06:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1211
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0f7dbd1bfe-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:11:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 00:39:30 GMT
expires: Thu, 25 Jan 2024 00:39:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 459092
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0fbdfb1bfe-OSL
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0f9c74b4f9-OSL
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0fad50b4f1-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 07:41:41 GMT
age: 1762
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 08:11:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0fda35b4e8-OSL
ocsp2.globalsign.com/rootr3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP
Hash 0039b0e3785d0d2da98923ad212ea919
ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d
77ca6e00bab7821cd8b6931a70a767c75be3ff629d829edbe34949b86e3444ae
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:18:13 GMT
ETag: "ecd6a29283ee86da6f8bb2f6f0f99a81f7b2e31d"
Last-Modified: Mon, 30 Jan 2023 06:18:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc12485f1bfe-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11382
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 08:11:03 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc126808b4f9-OSL
ocsp2.globalsign.com/gsextendvalsha2g3r3
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP
Hash 210977b4aa6082a8681eedd4fa2d74c6
5faa7adf83bc7ca283c452fbe43e754924790992
4c99494423a66cc59d499531142407d7798f192720443dfe1b3b84e3d87c1d1c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:09:31 GMT
ETag: "5faa7adf83bc7ca283c452fbe43e754924790992"
Last-Modified: Mon, 30 Jan 2023 07:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0fdee0b4f7-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OWuWjw5hOvzBVxtIun6BOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1/tIdnj9fXY5hOnEY6HWh6jXjZw=
acquavitruvio.com/verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js
301 Moved Permanently 0 B URL HTTP/1.1 acquavitruvio.com/verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js HTTP/1.1
Host: acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acquavitruvio.com/verify/
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
X-Redirect-By: WordPress
Location: http://www.acquavitruvio.com/verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTE1SP5H%2FMpEkktNKdZABacMBEW01fkNspQoZiKnbPCLf2Ap0nnDthdlCyUhDgxdtXXAFSYGFdI1M4EOAfiPfGiSyz90X%2ByJqK0al1Jhw0dKt2yYYvBUMQ53r3TqglIpL%2BcC6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0edb7bfac0-OSL
acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
301 Moved Permanently 0 B URL HTTP/1.1 acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js HTTP/1.1
Host: acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acquavitruvio.com/verify/
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 08:11:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
X-Redirect-By: WordPress
Location: http://www.acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaWGRwa0PA%2F%2Fy1PZ2HxVfWVdY0VDKDmnNzTpLtO42B%2Bpyc1ErWtlFdXidUdGGouIlsCJan5iwb%2BTliu3A25c7ByThAlCXFI9fPgHLG8KaC6oQR%2FgL04e6r3PFE24Wwp%2BbOvyDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7918bc0edd5fb4f7-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 35977
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 08:11:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 41087
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: t1IqXPqG23nYmxAPOJFaZhKDD49KD8fREs8L59AGjx-1AzoQOeSO0A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 37076
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a60c45fc1156fadfbe47afe4e9e282da
e8db47e0aa028a846fd631cf2f2d5a979ee51e08
9a91bd22d5174fc3adbc6b24de6197be4f694bc46e8cc32124212a17a5af3f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5462
x-amzn-requestid: 4ec670d9-7dfd-45a9-93bc-935dfd991c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkF8HWWIAMFpnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f2-3bda5c87690a91851b2de9e6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IktxPIqbHTkANUYO5E64t0-RHGBrPlJt-MhuQoBxKWSxhbz1wzVDEA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 37076
etag: "e8db47e0aa028a846fd631cf2f2d5a979ee51e08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 36626
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 37135
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
404 Not Found 14 kB URL HTTP/1.1 www.acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29113), with CRLF, LF line terminators
Hash d7666e5683db2722b4ad639fdab19f3c
7493960670795bc34949518dcbb85e4a6a8a9cab
7d713d08d71407eaecc3df498f20f3f91544f3484b744581a0527fd44ffc6227
Analyzer Verdict Alert fortinet Phishing
GET /verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js HTTP/1.1
Host: www.acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acquavitruvio.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 30 Jan 2023 08:11:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.acquavitruvio.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
www.acquavitruvio.com/verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js
404 Not Found 14 kB URL HTTP/1.1 www.acquavitruvio.com/verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29113), with CRLF, LF line terminators
Hash d7666e5683db2722b4ad639fdab19f3c
7493960670795bc34949518dcbb85e4a6a8a9cab
7d713d08d71407eaecc3df498f20f3f91544f3484b744581a0527fd44ffc6227
Analyzer Verdict Alert fortinet Phishing
GET /verify/Metrobank_files/7.e78c2a97e13b417d8802.chunk.js HTTP/1.1
Host: www.acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acquavitruvio.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 30 Jan 2023 08:11:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.acquavitruvio.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
www.acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
404 Not Found 14 kB URL HTTP/1.1 www.acquavitruvio.com/verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29113), with CRLF, LF line terminators
Hash d7666e5683db2722b4ad639fdab19f3c
7493960670795bc34949518dcbb85e4a6a8a9cab
7d713d08d71407eaecc3df498f20f3f91544f3484b744581a0527fd44ffc6227
Analyzer Verdict Alert fortinet Phishing
GET /verify/Metrobank_files/19.6ea6df1409980f84d7e7.chunk.js HTTP/1.1
Host: www.acquavitruvio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://acquavitruvio.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 30 Jan 2023 08:11:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.acquavitruvio.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
onlinebanking.metrobank.com.ph/npm.redux-form.2f9e3388b910d680ad10.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.redux-form.2f9e3388b910d680ad10.chunk.js
IP
GET /npm.redux-form.2f9e3388b910d680ad10.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 25 Jan 2023 16:37:45 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=pC7c.pCKCKWA5H_A6EWlpKYsmaLbVhCjgnaT1vnw3Tw-1675066263-0-AXWhGPpe+1ede4n4LsiFddpMu4z3pc7bjP8t9lPjUd53LaDdgWOSkV8QNmgDoH10fmWPiWZF062XWcNYtLRiMJY=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=HCcDiSikWu1NlVyCD01ZOJeSKC.0D47_gu6o5fuhkhc-1675066263660-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc122e13fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.reduxsauce.89a3422ac63ed169f82b.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.reduxsauce.89a3422ac63ed169f82b.chunk.js
IP
GET /npm.reduxsauce.89a3422ac63ed169f82b.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 25 Jan 2023 16:26:49 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=YV7zy3qPQyL1Dv266GokY.84ABSduYUrqPgYL7RQOJc-1675066263-0-AbgRy6SLEbOGVkFJgWgRk1rjcl/C+QRM1PR41lb1HdBvRUDqYwvHRrcnTiGdLFYDsCrsOFry03r0561MmRtDwp8=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=MyD93KWLBnHnpqCQrDaOE162uLyjHcS09vV9BRsfpMo-1675066263666-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e08fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.react-app-polyfill.0b0dd3be66dc3c441e78.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.react-app-polyfill.0b0dd3be66dc3c441e78.chunk.js
IP
GET /npm.react-app-polyfill.0b0dd3be66dc3c441e78.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63d15ad9-2139"
last-modified: Wed, 25 Jan 2023 16:37:45 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=2dJjoD7WSMvD.g9ewMl5awpELkvhn5xQ8koshD8qpek-1675066263-0-AQeHUG2JLbgpdL0c1t8mkmwPb8ZZViOX3We6f+CAhjx4/E+VLRzwg4ab6xCW+6/huHofSLKdExnm31ePH9RjDCg=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=Q7.4sCBG4y8IZBbTM8fPe_cAA2CDQ3oFhvOKcnIvXQQ-1675066263697-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e0afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.moment.e1facc5cc4cb50692155.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.moment.e1facc5cc4cb50692155.chunk.js
IP
GET /npm.moment.e1facc5cc4cb50692155.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63d15ad9-4fda"
last-modified: Wed, 25 Jan 2023 16:37:45 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=TriD7dWeIc1w75dTV50HUW026DmED_kPkgIS9ieSsKs-1675066263-0-AWl7FXy2Hin/dILJbeVibSsNCEGwjIcmfpl/LtsJ4Whoo0YMzbWPEFaSHrriEEV04abn7bh2PVlR11vz8d669Ac=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=wDHSLCzyXtOcOsop2UHMckYuA139EDuYU9TaaHE9038-1675066263953-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc122e16fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.material-ui.6fe1e0933e52584534be.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.material-ui.6fe1e0933e52584534be.chunk.js
IP
GET /npm.material-ui.6fe1e0933e52584534be.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:04 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 25 Jan 2023 16:30:19 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:04 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=c6B7PrJWPW03Y.rIE2i2ZD6KUiEalqDOAQ7lwrHibCs-1675066264-0-AY8aRn3Wv20N0FVtPFUzkzIZT6/UGVMUnFd8qcnNFDTvg0OldF1D2DSW6Hm7fiaJVTq18+kQa0+8GqlulfC/E0I=; path=/; expires=Mon, 30-Jan-23 08:41:04 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=x5MbBCXYZFXVX56l87Nf.W7rJA0KtJTWF119NItLmLU-1675066264391-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc122e14fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.core-js.faf320b5b860c59db8dc.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.core-js.faf320b5b860c59db8dc.chunk.js
IP
GET /npm.core-js.faf320b5b860c59db8dc.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:05 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=125679
etag: W/"63d15ad9-9f2f"
last-modified: Wed, 25 Jan 2023 16:37:45 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:04 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=s6mT.LvzqBNMJ_PiRPS_YqyYnfkn4G7PQvkWi5Q8YZ8-1675066264-0-AfO4IJxZou/8XKJhn0LOb8znyvLexVPwTqGCvQkcFfc8mIV/E3FKo9va0fkLlUUFoqWwX9s+nWFjCuOkuQsE83k=; path=/; expires=Mon, 30-Jan-23 08:41:04 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=OY6lOig73OonBNifTNYSAOASAt6gIWudyYt7ziHrE38-1675066264972-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc124e34fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/b2a2e35cd37c19553fd06a07eb4ab217.png
403 Forbidden 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/b2a2e35cd37c19553fd06a07eb4ab217.png
IP
GET /b2a2e35cd37c19553fd06a07eb4ab217.png HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: __cf_bm=b_.bVpzE8xt9GCAU1AKnsy57YT2NIble5nFxJGVwANo-1675066263-0-AVC9AIc72dg2tDwV26OBNcgUpJMj+mPlgYwvKec+7gkquIqjD0dhOupQjx7LYfpqJwGIsEOF5ZT0MpQsQaOz9tI=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=x6wpjdEVvKOfs_a69P0_Bm9l7jSAFZfCM6ADpQZRRi4-1675066263389-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e0cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.recompose.f28c7690cb9adfe6cdda.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.recompose.f28c7690cb9adfe6cdda.chunk.js
IP
GET /npm.recompose.f28c7690cb9adfe6cdda.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 25 Jan 2023 16:26:49 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=K5ZqB455C_e61pmuC_FgEdh8r.GdsXbkSSW_cdbAQ1U-1675066263-0-AePSNCyyVdgTED3t2H2iL41VRm8WFPP/PMaZfqXwpjU4T3PabSEmS2esfzEYkuFF1MrKN/Jo5/nWno46QRHVT7o=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=HAvAZYl64RAhLTSIyVRG7rl86ZZd0EDBM4CYo6dbFHY-1675066263665-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e06fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/main.e036d31120ed044b746e.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/main.e036d31120ed044b746e.chunk.js
IP
GET /main.e036d31120ed044b746e.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 25 Jan 2023 16:41:28 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=PmHJ08CDYx5OqD2NUtveaN41H8loET3IigaenV4zIX8-1675066263-0-AcngEJFoHuVYKkwyUux1CQ0pIlTq5WyhmmN63aHpm/e14btloyJTR/rBm6ky4oFKb4gv+xXhpeY/8LLHMKLeI7k=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=zt1vLjsdCO43NUjF5u.qzR4.tLSOYtdPdTrLmCd1Hlc-1675066263664-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e0bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinebanking.metrobank.com.ph/npm.ramda.c0eb705c83f7c64b7954.chunk.js
200 OK 0 B URL HTTP/2 onlinebanking.metrobank.com.ph/npm.ramda.c0eb705c83f7c64b7954.chunk.js
IP
GET /npm.ramda.c0eb705c83f7c64b7954.chunk.js HTTP/1.1
Host: onlinebanking.metrobank.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acquavitruvio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 08:11:03 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63d15ad9-1430"
last-modified: Wed, 25 Jan 2023 16:37:45 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 12:11:03 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=mHZejM1OQvDWBIvz9mmU_x0iHxVcss.ZLIO5D0Sg4E4-1675066263-0-AXjx37Ywc4vbeN2JPVeIO9YOUcMm+/ImmE5+fVF/Hrr7unNF8MxjsbD9xxwwGa4kFvzPA3haidEEUNpV7fECEEg=; path=/; expires=Mon, 30-Jan-23 08:41:03 GMT; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
_cfuvid=Ra2zTygdKQKyAHtWO3iopSCEK8Ct99tBYb3Y0KRYmsQ-1675066263674-0-604800000; path=/; domain=.metrobank.com.ph; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7918bc121e09fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.162.178
104.18.20.226
23.36.76.226