| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html | 104.18.2.35 | 200 OK | 4.4 kB |
URL User Request GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html IP104.18.2.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hasheb9ed36a3b7234eb9c72d81f3e90ec6a b817f66e1f9f6de96f8708efc30eddd3fde97aa1 2c135913e46fa3b3b8d07e0fe729068bf161eb94ba1cf0fea1437691b01981a6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. | PhishTank | phishing | DHL |
GET /index2.html HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:35 GMT
Content-Type: text/html
Content-Length: 4379
Connection: keep-alive
Accept-Ranges: bytes
ETag: "eb9ed36a3b7234eb9c72d81f3e90ec6a"
Last-Modified: Wed, 18 Oct 2023 22:51:12 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee45490a245691-OSL
|
|
| code.jquery.com/jquery-3.6.4.min.js | 151.101.66.137 | 200 OK | 31 kB |
URL GET HTTP/2code.jquery.com/jquery-3.6.4.min.js IP151.101.66.137:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash641dd14370106e992d352166f5a07e99 eda46747c71d38a880bee44f9a439c3858bb8f99 a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
GET /jquery-3.6.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15ec3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 May 2024 05:18:35 GMT
age: 20085708
x-served-by: cache-lga21953-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 138, 38631
x-timer: S1714886316.738745,VS0,VE0
vary: Accept-Encoding
content-length: 31011
X-Firefox-Spdy: h2
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/05.png | 104.18.2.35 | 200 OK | 7.3 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/05.png IP104.18.2.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typePNG image data, 448 x 101, 8-bit/color RGBA, non-interlaced Hash42d266ea95ec2155776b17db08bada6e a2885ace20c5a55be720970c3f411e9d5fdaef3a 87a90aff7342aebb9bac98e99e9be3833731d16a97e07da7ca1f9b9434d915b8
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/05.png HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:36 GMT
Content-Type: image/png
Content-Length: 7303
Connection: keep-alive
Accept-Ranges: bytes
ETag: "42d266ea95ec2155776b17db08bada6e"
Last-Modified: Wed, 18 Oct 2023 22:03:03 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee4550cdde5691-OSL
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/en.jpg | 104.18.3.35 | 200 OK | 1.5 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/en.jpg IP104.18.3.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 86x52, components 3 Hasheef218ee0c269c1d574ca62469a3ccc4 58ae3efb00420e5101a1c1a441ee6fd082ed99f9 901c8abcc67fe53992c93d741a937ff8e3ab418d114fcd984efe3e341f6a7455
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/en.jpg HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:36 GMT
Content-Type: image/jpeg
Content-Length: 1454
Connection: keep-alive
Accept-Ranges: bytes
ETag: "eef218ee0c269c1d574ca62469a3ccc4"
Last-Modified: Wed, 18 Oct 2023 22:03:04 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee4551284256c5-OSL
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/3638384.jpg | 104.18.3.35 | 200 OK | 8.7 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/3638384.jpg IP104.18.3.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 285x177, components 3 Hash0909fbc1f7fba01ae0da65a927ceee26 999a11986a8f87e1e58c7a8e627df7f3a7080f84 9bd85f7569e570b6a8a40701baef5177a78e1daf0d3429ccdd55630224670c2d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/3638384.jpg HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:36 GMT
Content-Type: image/jpeg
Content-Length: 8692
Connection: keep-alive
Accept-Ranges: bytes
ETag: "0909fbc1f7fba01ae0da65a927ceee26"
Last-Modified: Wed, 18 Oct 2023 22:03:04 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee45515bac569f-OSL
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/02.jpg | 104.18.3.35 | 200 OK | 21 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/02.jpg IP104.18.3.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1584x396, components 3 Hashb4ffa4c4789b58a42af0cac9739d9fcc c9b5596b90cce84a1f56d4e8a46d413b54b4e1f6 f06555d58c6fb19b7b6815ce631ea0958eeaec315dbc64b8dfb08e200c69eed5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/02.jpg HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:36 GMT
Content-Type: image/jpeg
Content-Length: 20648
Connection: keep-alive
Accept-Ranges: bytes
ETag: "b4ffa4c4789b58a42af0cac9739d9fcc"
Last-Modified: Wed, 18 Oct 2023 22:03:02 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee45513a2b56ab-OSL
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/1618379409484992.jpg | 104.18.3.35 | 200 OK | 4.0 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/1618379409484992.jpg IP104.18.3.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 66x76, components 3 Hashfe2cdc10f0b14d041ce1d0c391291f2d 76ddb8774f67fe7838fc2678514800c9b5203a28 109483641b2f69473f1b978e4aec1ba11bb4f52c7ee92cb2c969f92b92925633
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/1618379409484992.jpg HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:37 GMT
Content-Type: image/jpeg
Content-Length: 3997
Connection: keep-alive
Accept-Ranges: bytes
ETag: "fe2cdc10f0b14d041ce1d0c391291f2d"
Last-Modified: Wed, 18 Oct 2023 22:03:03 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee45563e2d569f-OSL
|
|
| pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/xls.png | 104.18.3.35 | 200 OK | 34 kB |
URL GET HTTP/1.1pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/7629827763/xls.png IP104.18.3.35:443
Requested byhttps://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typePNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced Hashc52b62164b9b48ace77228cffaea7d18 d6c285df2d1b1ec6c1bd7b5fdd2f1575d1631bad d8a1fae00d96feaa8351178773878b3f51cacd4a922200470d6e7cd9e832089a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /7629827763/xls.png HTTP/1.1
Host: pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-94160e4dc1de47c0874194dedd5d5b5d.r2.dev/index2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 May 2024 05:18:37 GMT
Content-Type: image/png
Content-Length: 34223
Connection: keep-alive
Accept-Ranges: bytes
ETag: "c52b62164b9b48ace77228cffaea7d18"
Last-Modified: Wed, 18 Oct 2023 22:03:07 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87ee455158e40b45-OSL
|
|