{"report_id":"f9b3dd46-63da-435a-af7e-f986f0c6fdf6","version":6,"status":"done","tags":["bankid","authentication"],"date":"2024-07-16T09:06:12Z","url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/acp.php","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":0,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/eng.php","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"title":"BankID"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:33:08Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-14 18:12:33","alert_count":0,"request_count":8,"received_data":7098,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2024-07-14 22:37:15","alert_count":0,"request_count":2,"received_data":19070,"sent_data":920,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bwgforums.net","ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"domain_registered":"2020-08-07","domain_rank":0,"first_seen":"2020-08-10 11:23:00","last_seen":"2023-09-04 07:31:44","alert_count":15,"request_count":15,"received_data":233198,"sent_data":7353,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.67","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-07-14 18:16:24","alert_count":0,"request_count":1,"received_data":700,"sent_data":325,"comment":"","tags":null,"fingerprints":null},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":2467,"first_seen":"2018-06-15 22:36:43","last_seen":"2024-07-15 08:43:51","alert_count":0,"request_count":1,"received_data":31905,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-07-14 20:03:31","alert_count":0,"request_count":1,"received_data":20757,"sent_data":520,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:46.717302125Z","timestamp":1721120746717,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"133266844822EA13F6D0FFC2EDA97A79E99CEA9EC4DEFEC2812CF4A86751283A\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16743\r\nExpires: Tue, 16 Jul 2024 13:44:49 GMT\r\nDate: Tue, 16 Jul 2024 09:05:46 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9fc6673328a72199efee32208e052486","sha1":"e3cd507761b95ae04da178d9b0da347fcaa5fce6","sha256":"133266844822ea13f6d0ffc2eda97a79e99cea9ec4defec2812cf4a86751283a","sha512":"18de0438f215e593d4e2f1bb76d94ad04b2967f9bb2a3aef8a777dd8b48b581e7edef286e4915a58ac8c010ada67fee4e6b7e6b15cc8af5be291080c88592089","ssdeep":"","tlshash":"92f07e8307b23c592b7c28277ca8ca9cad125a3c288028b220c113e26c88bba859000b","first_seen":"2024-07-15T23:07:47Z","last_seen":"2024-08-19T16:51:27.189912Z","times_seen":24082,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:46.826190452Z","timestamp":1721120746826,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4ACAF4113D4CDA75EDBBAE5D28E17DFFB959489CD6912B854C9E87A3AB50FD2\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4276\r\nExpires: Tue, 16 Jul 2024 10:17:02 GMT\r\nDate: Tue, 16 Jul 2024 09:05:46 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0ba28ae3ca920c46edf9c7a1f79db3ca","sha1":"b96f7bd71a6b1f9e08b5a0179c66553bf42875d2","sha256":"e4acaf4113d4cda75edbbae5d28e17dffb959489cd6912b854c9e87a3ab50fd2","sha512":"5937af32a6f0ff76e028428c60ef303493ddc882c065396afb650daf19c5cc2f4403724350cbd8cb89a07780f5c9dc7c9885c22cbef8d4cffa26efa396ea6892","ssdeep":"","tlshash":"d6f005511576fd21e57126199cddd91a2e7bdbf4244419f6306003f3d981bffd950d04","first_seen":"2024-07-16T00:32:15Z","last_seen":"2024-08-19T16:50:36.759672Z","times_seen":27562,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:47.127613958Z","timestamp":1721120747127,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A951EDC9FCE6D26583509ABA1A0D759172986DA854406DC2041F25DCA4EB6798\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4201\r\nExpires: Tue, 16 Jul 2024 10:15:48 GMT\r\nDate: Tue, 16 Jul 2024 09:05:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c827d32609521c1e56829aac4640ab87","sha1":"f6721b2c6abc469be2b70d165a58c75d5637408d","sha256":"a951edc9fce6d26583509aba1a0d759172986da854406dc2041f25dca4eb6798","sha512":"02500521f2e5e787d1ead7f0ef3af3606b89efb0bad488293e2e36bf2cad3fbdc8896cbea14f8db1e0be428d80fbcc8ee291149e332399ae23e90450228a1a29","ssdeep":"","tlshash":"7af005530579ac7027a2112198e6e5485f11e594299176d4a4a05bd2b850faec1d4055","first_seen":"2024-07-16T02:32:54Z","last_seen":"2024-08-19T16:50:23.638036Z","times_seen":23210,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:47.358127377Z","timestamp":1721120747358,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4E3975A941C93FDA56279B3918D81448B74CD06D2A2BD0280DBCF8E58712C1D\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4325\r\nExpires: Tue, 16 Jul 2024 10:17:52 GMT\r\nDate: Tue, 16 Jul 2024 09:05:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"d69acaa73161ea261cea420c9548c854","sha1":"1f7cab04c4264ca503bb3e2d8f1d838c226f35c2","sha256":"e4e3975a941c93fda56279b3918d81448b74cd06d2a2bd0280dbcf8e58712c1d","sha512":"4dd16d8d3f21a825b909dcce1868f395cff80c9ae6beab41af9501f63db71cfcfc3a6bd6ebcac649c8c2a1e34f2fb326894ec76ce2d041919fdb6a0e3cfc6645","ssdeep":"","tlshash":"39f005869dddfe9013b11a3a2df8e0407a207e9c24013ce128d442f3784479b55c4084","first_seen":"2024-07-15T23:12:50Z","last_seen":"2024-08-19T16:51:12.402895Z","times_seen":24412,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:47.781726167Z","timestamp":1721120747781,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"602F2450C34863538A3F3BFD3C84D775B6C553B33BBD8BD95E210355DCB4E489\"\r\nLast-Modified: Mon, 15 Jul 2024 20:43:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21564\r\nExpires: Tue, 16 Jul 2024 15:05:11 GMT\r\nDate: Tue, 16 Jul 2024 09:05:47 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2b22eba070c32bc749609390a81ec626","sha1":"36550e561b80e40562cc8b476aefcb576611d7d9","sha256":"602f2450c34863538a3f3bfd3c84d775b6c553b33bbd8bd95e210355dcb4e489","sha512":"fd137770d3f5a9fc24dd41f1bbb3d97818eac4cbf3ab456be1345e5b4df2920c1ce7c3ef86487fa1d7affd3516787c0117df47246ca93d77ff6ae6c203498d0b","ssdeep":"","tlshash":"7df0058f4174b402db6c096176aff7293b16aaea154145f9249003e1d431b9fd454119","first_seen":"2024-07-15T22:43:51Z","last_seen":"2024-08-19T16:51:23.10191Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.301Z","timestamp":1721120769301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.5.0\r\nx-jsd-version-type: version\r\netag: W/\"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\nage: 5291418\r\nx-served-by: cache-fra-etou8220126-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 8770\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8770,"size_decoded":65696,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ea83ae92c684331d2096c4d3306a04de","sha1":"1865dddcbb7b67dcef4250e590cc9a9574aba673","sha256":"3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef","sha512":"20eb355cc27cbcf9905fe6928301adf27035c0c02faade42287f6cab1527846767ac074f6463f0a107b1b0e7b192740716eacb6ead9b14b875593936bdb1a639","ssdeep":"384:zWqJVm8OAL1M+hQokEYm47U7yH2CuwZwmiQObdNJew4vM4+jQRe2p85seIwTcSx5:Sqnm8OAL1Mzocm4KyH2CuwZwmij34k4M","tlshash":"7053ddbad18f05f59341e4d92743674297a9ba7ce1813c7ad342399ee3c06188ad73ec","first_seen":"2023-04-05T04:36:20Z","last_seen":"2026-04-25T22:28:02.670185Z","times_seen":2950,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/bar_lg.png","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.316Z","timestamp":1721120769316,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/bar_lg.png HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 884\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\netag: \"6692a939-374\"\r\nexpires: Thu, 15 Aug 2024 09:05:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":884,"size_decoded":884,"mime_type":"image/png","magic":"PNG image data, 73 x 41, 8-bit/color RGBA, non-interlaced","md5":"09716caf35f0fe37ad6aecd397c1e06a","sha1":"89db5789b5c8cc8ac8e25156af327b89b8e6bc78","sha256":"c7c507bb71038107ffbef4f6b8f3e6b636ca8303e9221ea8322643443a929bf5","sha512":"07f8a72d91c3fe0a622df8c9ed1d7fd908dd2ec6007eb72a4c08acbaff54b36eedcb141fc20bd8b2f0426bee8c1f8d8d80258f0021c77c156f7c3a023bf559b2","ssdeep":"","tlshash":"cf11965cd0a4b086fa3609f1ccb3176d0e26a4dc0762118b60f7e268951ab32108a7c0","first_seen":"2023-12-19T05:06:28Z","last_seen":"2026-04-18T17:04:27.7158Z","times_seen":322,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/info.svg","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":0,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:48.616059487Z","timestamp":1721120748616,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/info.svg HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 760\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\netag: \"6692a939-2f8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":760,"size_decoded":760,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image","md5":"105c548adf1e9dd66f966fca9b7a2d79","sha1":"3e393920f259009028814602f57583c813e3d01a","sha256":"7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1","sha512":"0c44c1ed58c6d3ad48b497cd88c6e85d2db0399652c3ac47688a28437c19d21a2720226a566a893581748e78dabb186055706abb75b2d9dacc93a4b38d6a7e0f","ssdeep":"","tlshash":"5d01259772615338afd8d0bcdb695450a02780d5c4f8e9c991ea7f105403cc2747d2c4","first_seen":"2024-02-18T23:50:50Z","last_seen":"2026-04-18T17:04:27.714082Z","times_seen":202,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/loading.gif","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":0,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:48.616456889Z","timestamp":1721120748616,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/loading.gif HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: image/gif\r\ncontent-length: 898\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\netag: \"6692a939-382\"\r\nexpires: Thu, 15 Aug 2024 09:05:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":898,"size_decoded":898,"mime_type":"image/gif","magic":"GIF image data, version 89a, 20 x 20","md5":"559f2f8ea007a411327957b70529f902","sha1":"61f979a4a29e02f762a0c621bf5d669893cb437a","sha256":"7e2036b1455c31bd42d2ad4334698ff9108f7eae94274fa6700df6f13656813f","sha512":"860a8f4165f1eea387dd66b0b4e27902534f4c335cdb2d4d043dd5f44c494ba52639689dc38c38273cbddefb25976ab66538db63f7c72b8a756cb4f5d61bfbe6","ssdeep":"","tlshash":"d11123309e489073f49a423741dbbb9c3b70e17c18608a96124c58dc6c4601b351d54d","first_seen":"2024-04-28T06:57:17Z","last_seen":"2026-04-18T17:04:27.716436Z","times_seen":98,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.67","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:48.716144614Z","timestamp":1721120748716,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 16 Jul 2024 09:05:48 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"5d5650ab608cd61702de4fa6b7457044","sha1":"d35d66dd6614df0d0456bec974ed4ddf7b7bbab3","sha256":"4ff3f940a74f047af60829d14365ce7744f3adf895580338878cdf465abcbf3f","sha512":"e67e43d6abaafcdb46c24dbf41ed2b702fb52838f81aaa0362465845f23d997343934c05d6e0537e053aaac07f811da80de02500a6672b7f2e2f5099f0d63df1","ssdeep":"","tlshash":"eef05c440233b8c0de6baa3036bcb5aa7838a74800492089693804d4b9e6aebf308625","first_seen":"2024-07-15T18:02:43Z","last_seen":"2024-08-19T16:53:21.026213Z","times_seen":1815,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/js/jquery-3.5.1.min.js","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.310Z","timestamp":1721120769310,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/js/jquery-3.5.1.min.js HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":146,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-26T08:00:49.210829Z","times_seen":496040,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/js/jquery.mask.js","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.312Z","timestamp":1721120769312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/js/jquery.mask.js HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":146,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-26T08:00:49.210829Z","times_seen":496040,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/acc.svg","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.315Z","timestamp":1721120769315,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/acc.svg HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6692a939-824\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2184,"size_decoded":2184,"mime_type":"image/svg+xml","magic":"gzip compressed data, from Unix","md5":"0aa397146710b35543bc3096a812bc2b","sha1":"275577421aef7152cea2ac3c34323faac6d4f0ee","sha256":"ea9c09a34e4b121e76c248608923996cdbb995e5308d8a095aeb202fe96bfb09","sha512":"b6c8d2c2a6333d215d7d7df53e8980bd55452e4f7fa8a26bd2e4edd73a79a9b68429ec77ef3da367f9165371664a8c9986d27f3a0b81b051c17020f8b67a1e15","ssdeep":"","tlshash":"5641270121fa3931c1a727a48acd8469ec3e974901949184383b70d6b9cf7a1f394132","first_seen":"2024-08-19T16:47:44.901178Z","last_seen":"2024-08-19T16:47:44.901178Z","times_seen":1,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/js/jquery.mask.js","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.312Z","timestamp":1721120769312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/js/jquery.mask.js HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:48 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":146,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-26T08:00:49.210829Z","times_seen":496040,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:49.203155602Z","timestamp":1721120749203,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F957EFBBE90DEE51487D910C6039FA2AC841192FD9F67EFB69358B536F87B7D3\"\r\nLast-Modified: Mon, 15 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4427\r\nExpires: Tue, 16 Jul 2024 10:19:36 GMT\r\nDate: Tue, 16 Jul 2024 09:05:49 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"24c83d2f348779cbefbb6c6bd4b8c2a8","sha1":"4373c3ca7bee06c8456f6997929b0af5e349283d","sha256":"f957efbbe90dee51487d910c6039fa2ac841192fd9f67efb69358b536f87b7d3","sha512":"272dc0daab59c4aefc8de4433f01e553f26a5957309678340304009367ff2f5c51d01fd4a1d4685e03c5bfb45957fb26493e23dcb1d18a89f7f785dce03f18a8","ssdeep":"","tlshash":"a9f0055a2191be41e57b601218f7db6c6f753517350149f4226045f27e547e89958014","first_seen":"2024-07-16T01:39:27Z","last_seen":"2024-08-19T16:50:15.519145Z","times_seen":20812,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:49.208382142Z","timestamp":1721120749208,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F957EFBBE90DEE51487D910C6039FA2AC841192FD9F67EFB69358B536F87B7D3\"\r\nLast-Modified: Mon, 15 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4427\r\nExpires: Tue, 16 Jul 2024 10:19:36 GMT\r\nDate: Tue, 16 Jul 2024 09:05:49 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"24c83d2f348779cbefbb6c6bd4b8c2a8","sha1":"4373c3ca7bee06c8456f6997929b0af5e349283d","sha256":"f957efbbe90dee51487d910c6039fa2ac841192fd9f67efb69358b536f87b7d3","sha512":"272dc0daab59c4aefc8de4433f01e553f26a5957309678340304009367ff2f5c51d01fd4a1d4685e03c5bfb45957fb26493e23dcb1d18a89f7f785dce03f18a8","ssdeep":"","tlshash":"a9f0055a2191be41e57b601218f7db6c6f753517350149f4226045f27e547e89958014","first_seen":"2024-07-16T01:39:27Z","last_seen":"2024-08-19T16:50:15.519145Z","times_seen":20812,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-16T09:05:49.210694484Z","timestamp":1721120749210,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F957EFBBE90DEE51487D910C6039FA2AC841192FD9F67EFB69358B536F87B7D3\"\r\nLast-Modified: Mon, 15 Jul 2024 19:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4427\r\nExpires: Tue, 16 Jul 2024 10:19:36 GMT\r\nDate: Tue, 16 Jul 2024 09:05:49 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"24c83d2f348779cbefbb6c6bd4b8c2a8","sha1":"4373c3ca7bee06c8456f6997929b0af5e349283d","sha256":"f957efbbe90dee51487d910c6039fa2ac841192fd9f67efb69358b536f87b7d3","sha512":"272dc0daab59c4aefc8de4433f01e553f26a5957309678340304009367ff2f5c51d01fd4a1d4685e03c5bfb45957fb26493e23dcb1d18a89f7f785dce03f18a8","ssdeep":"","tlshash":"a9f0055a2191be41e57b601218f7db6c6f753517350149f4226045f27e547e89958014","first_seen":"2024-07-16T01:39:27Z","last_seen":"2024-08-19T16:50:15.519145Z","times_seen":20812,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.301Z","timestamp":1721120769301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 8770\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.5.0\r\nx-jsd-version-type: version\r\netag: W/\"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\nage: 2876204\r\nx-served-by: cache-fra-etou8220126-FRA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8770,"size_decoded":65696,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ea83ae92c684331d2096c4d3306a04de","sha1":"1865dddcbb7b67dcef4250e590cc9a9574aba673","sha256":"3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef","sha512":"20eb355cc27cbcf9905fe6928301adf27035c0c02faade42287f6cab1527846767ac074f6463f0a107b1b0e7b192740716eacb6ead9b14b875593936bdb1a639","ssdeep":"384:zWqJVm8OAL1M+hQokEYm47U7yH2CuwZwmiQObdNJew4vM4+jQRe2p85seIwTcSx5:Sqnm8OAL1Mzocm4KyH2CuwZwmij34k4M","tlshash":"7053ddbad18f05f59341e4d92743674297a9ba7ce1813c7ad342399ee3c06188ad73ec","first_seen":"2023-04-05T04:36:20Z","last_seen":"2026-04-25T22:28:02.670185Z","times_seen":2950,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/sahm.svg","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.309Z","timestamp":1721120769309,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/sahm.svg HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 172\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\netag: \"6692a939-ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":172,"size_decoded":172,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"acfa1315930ab586c8153f06d4853206","sha1":"611207fc3f53a8f4097d859a9668e5be1def5668","sha256":"4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766","sha512":"a7034f697b73261c1d6ba3a0752e9e5ca5325c38da2c3fe3a3c5d46b01c1001a2ea7c5171255ad6a8333a44e8003da657d03816beb20e89ba38c0294066b058b","ssdeep":"","tlshash":"29c08054d5c5b508ca09812127ac615315aa737553dd017ef0ec26477054c937c159dd","first_seen":"2023-12-19T05:06:28Z","last_seen":"2026-03-24T23:59:23.840588Z","times_seen":357,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/x.ico","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":0,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.770Z","timestamp":1721120769770,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/x.ico HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/acp.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:05:49 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nlink: \u003chttps://bwgforums.net/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":11679,"size_decoded":11679,"mime_type":"","magic":"gzip compressed data, from Unix","md5":"de52075a2829ffe2c0c9c51755b21718","sha1":"3b79d1364437ce7a7e1222a3d2a2de3d747347c5","sha256":"83c0a7a011e3f629f39b7d494169f242d7cf0678e1ab5ff275adc5282a704a49","sha512":"e95783b8fb9b2987bf22b181d36a5fda3b04d7b20358e8f6a34b2f5f00e267eaf7df92e152f3c81f04ede6f2693028eb743f47323a3910ba115bef47aaec83c6","ssdeep":"192:adQKDFBYRA+/DdH1TzHKFLjFlbAz/G/PCnR7BxfdrUXcRq2SyK5Oy5yhTd32ZE:adQmKRA+BH1XQlbW/GXCR7RrUkBo5Oyg","tlshash":"1f32af40af6f45030bc180f0f9f5a475938faaa19657c6054939e7e3b09ab76eff0a41","first_seen":"2024-08-19T16:47:44.903884Z","last_seen":"2024-08-19T16:47:44.903884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/js/jquery.mask.js","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.312Z","timestamp":1721120769312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/js/jquery.mask.js HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":146,"size_decoded":146,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-26T08:00:49.210829Z","times_seen":496040,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/bar_lg.png","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.316Z","timestamp":1721120769316,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/bar_lg.png HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 884\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\netag: \"6692a939-374\"\r\nexpires: Thu, 15 Aug 2024 09:06:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":884,"size_decoded":884,"mime_type":"image/png","magic":"PNG image data, 73 x 41, 8-bit/color RGBA, non-interlaced","md5":"09716caf35f0fe37ad6aecd397c1e06a","sha1":"89db5789b5c8cc8ac8e25156af327b89b8e6bc78","sha256":"c7c507bb71038107ffbef4f6b8f3e6b636ca8303e9221ea8322643443a929bf5","sha512":"07f8a72d91c3fe0a622df8c9ed1d7fd908dd2ec6007eb72a4c08acbaff54b36eedcb141fc20bd8b2f0426bee8c1f8d8d80258f0021c77c156f7c3a023bf559b2","ssdeep":"","tlshash":"cf11965cd0a4b086fa3609f1ccb3176d0e26a4dc0762118b60f7e268951ab32108a7c0","first_seen":"2023-12-19T05:06:28Z","last_seen":"2026-04-18T17:04:27.7158Z","times_seen":322,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/eng.php","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-16T09:06:09.015Z","timestamp":1721120769015,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/eng.php HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3142,"size_decoded":3142,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3404), with no line terminators","md5":"36b23a9bc72b1283256717eed2c437f9","sha1":"52c3d7b10fed1d490124595c7b1210de72c8e931","sha256":"caef7a1dd78beb253751157840eadb14c5277bbd25701316999c0b5272326ab4","sha512":"6b290bb36dd2df354a9b78f7290499f520a59e962b78bd3468aad2bf6de798ce1485a2e7a668f38a3e50ea48a1ee82761eeb68ab1545f9621eb28807fd010c9d","ssdeep":"","tlshash":"e561241e590cb03b220648ea7d612d3bac56f4008e7a4a0433ac26ace7dac51c973774","first_seen":"2024-07-01T10:34:15Z","last_seen":"2024-10-30T18:20:32.39068Z","times_seen":15,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/image/protege.png","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.318Z","timestamp":1721120769318,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/image/protege.png HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6692a939-12f5\"\r\nexpires: Thu, 15 Aug 2024 09:06:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4853,"size_decoded":4853,"mime_type":"image/png","magic":"PNG image data, 258 x 55, 8-bit/color RGBA, non-interlaced","md5":"66e77690c3758948e083c6f91d3ff7cd","sha1":"f271ae1a722d9aa0908a8505c0629f2cab036f75","sha256":"cba05bfbcf9755ce28b86a2fca72718d2e821af148b7a856776edd8cca755c48","sha512":"e15fcef52038664c5be25f2f33d59023f1a73a6d7ed76f08319d37cf49a7a43c57f40fd364962876e6b63f4f49be141585980fd4ef82f5bceaa8f8a34bdfb99d","ssdeep":"96:2vRAq56P484AyXQHOqq4sUkQT75af1HEBmxFlZpcdwaLhNt813LqkU2Enx/poM:PxL1Nq4sUx74CMxFhc2o/t81eP2y9T","tlshash":"c6a17e9b26e0db5cb21c09f372c5714fcdf054586df19693c82aba207284f9123861b6","first_seen":"2023-12-19T05:06:28Z","last_seen":"2026-04-18T17:04:27.70513Z","times_seen":316,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/css/lary.css","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.307Z","timestamp":1721120769307,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/css/lary.css HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6692a939-279b\"\r\nexpires: Tue, 16 Jul 2024 21:06:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10139,"size_decoded":10139,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"8e2b263d5dc4248bb5fac19e775e4054","sha1":"1e52d952d3e627f418321a75fc082f17f6d1d25e","sha256":"c94091dbdb735a97234ba274f28eba496d26a4777358f9f38790da7b8dc730d3","sha512":"ceb96895b3c933a211bc09955f808b3c97a5d973d8709cf405a5cf8c333040f33c3ca484496dc4994f8ab945cbfbfd58a1ad6bb6178b8fa0e9d49cefd5aa4b2b","ssdeep":"96:Uvc6s7nAphX8awfxswb2rZWsNtebRD/S4tLKNqL6SFo6S7TUxhp+jhGtwreBerwV:eGnsvnpeun/dt81A4z4Qt","tlshash":"f722f25a9d3c004a16fc96b3bbd7af73d9695073820891e979fc621c8ff860851e0f99","first_seen":"2023-09-15T08:15:22Z","last_seen":"2026-04-18T17:04:27.715141Z","times_seen":222,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.304Z","timestamp":1721120769304,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 25 May 2024 01:51:52 GMT","end":"Fri, 23 Aug 2024 01:51:51 GMT"},"fingerprint":{"sha1":"93:87:98:7E:3F:62:5F:E6:68:1C:1C:8A:E4:9D:FB:A8:C3:72:4F:90","sha256":"7D:B5:FA:75:01:EC:6E:7C:88:AE:BC:1C:EF:A9:46:D9:9F:48:F6:2E:E9:B2:1F:A0:FC:1B:17:82:8F:88:03:71"}}},"request":{"raw":"GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: W/\"269550530cc127b6aa5a35925a7de6ce\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:55 GMT\r\ncdn-cachedat: 03/18/2024 12:28:12\r\ncdn-proxyver: 1.04\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 949834\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 8a40d5a80bf7b52d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31000,"size_decoded":31000,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-26T08:03:40.813174Z","times_seen":251171,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bwgforums.net/wp-includes/css/dist/parks/css/bootstrap.css","fqdn":"bwgforums.net","domain":"bwgforums.net","tld":"net"},"ip":{"addr":"89.233.105.238","port":443,"asn":29802,"as":"HVC-AS","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.306Z","timestamp":1721120769306,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bwgforums.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jul 2024 20:25:18 GMT","end":"Thu, 03 Oct 2024 20:25:17 GMT"},"fingerprint":{"sha1":"D0:EA:0C:2D:8A:5B:89:6D:3B:43:64:A7:B3:31:CD:32:8C:62:5E:01","sha256":"FB:50:7C:34:6E:41:E3:E9:6A:E5:1E:13:FE:86:AD:F8:07:93:A0:D9:9B:F8:1D:53:5E:6C:FB:F6:65:6A:0A:21"}}},"request":{"raw":"GET /wp-includes/css/dist/parks/css/bootstrap.css HTTP/1.1\r\nHost: bwgforums.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/wp-includes/css/dist/parks/eng.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 13 Jul 2024 16:20:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6692a939-2f1f7\"\r\nexpires: Tue, 16 Jul 2024 21:06:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":193015,"size_decoded":193015,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - BankID","verdict":"phishing","severity":"medium","comment":"Resource associated with BankID phishing","tags":["bankid","authentication"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Wix+Madefor+Text:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bwgforums.net/wp-includes/css/dist/parks/eng.php","date":"2024-07-16T09:06:09.728Z","timestamp":1721120769728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:40:53 GMT","end":"Mon, 16 Sep 2024 07:40:52 GMT"},"fingerprint":{"sha1":"8F:1C:80:D7:A7:FA:04:F3:EE:EF:70:FD:56:35:32:FD:55:AB:63:5F","sha256":"E4:66:6B:DB:6E:84:EF:93:04:31:19:FA:1B:DE:09:D2:59:F3:F0:C1:84:A9:DE:A3:12:CB:E5:4E:E8:1C:CF:4C"}}},"request":{"raw":"GET /css2?family=Wix+Madefor+Text:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bwgforums.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 16 Jul 2024 09:06:09 GMT\r\ndate: Tue, 16 Jul 2024 09:06:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20145,"size_decoded":20145,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8c9daafa7058158e5fae56baa87d45c1","sha1":"e9390259e1bcb857430a0f5066fc468058e3efdd","sha256":"839bdc12b01fb4fa63963a24617967c1a408edf01bd53779ffa0a344e480f4ce","sha512":"7bb4adfb267362a28abedf884168ab99b137bd8ea36d4f690a9dd072b327ab2ae106b9642bda4181c366458de7295d88646c525181de418e024f8fed560af88c","ssdeep":"384:IHYr1OMjjY/1KgPDYf1qAv0YW1xd6xYp1IWzHYrQ/QP4rR:m","tlshash":"8d92a8e2441b9940ab871cc273ef7f2bae5da0152842c7b9dffc18a59cdec22125871c","first_seen":"2024-02-18T23:50:51Z","last_seen":"2024-10-14T17:13:06.344691Z","times_seen":22,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}