| mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken= |  92.205.170.254 | 200 OK | 10 kB |
URL User Request GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken= IP92.205.170.254:80 ASN#21499 Host Europe GmbH
File typeHTML document, Unicode text, UTF-8 text, with very long lines (570), with CRLF line terminators Hash6445612e6e806720ada4d184c003597c 2f01f86faef18ad02732291b1745fdc5672a27ba 323c9ef93190ebf96546d8cd7fef5c07a98e6b94d2faae0bc5a9ba6fb928ce64
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL | | OpenPhish | phishing | DHL Airways, Inc. |
GET /packet/home.php?newtoken= HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:32 GMT
Server: Apache
X-Powered-By: PHP/8.1.27
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10331
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
|
|
| mnx.8fe.mywebsitetransfer.com/js/app.js | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/js/app.js IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /js/app.js HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/js/session-recorder.js | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/js/session-recorder.js IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /js/session-recorder.js HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/app.css | 92.205.170.254 | 200 OK | 57 kB |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/app.css IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Hashb33e59c592eb453d12f6a53179d8ef19 5d1863f728b58d4456e1b1d824d98fe56810e69e a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/app.css HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "4da377d-65545-5ecb590e95600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 56795
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/logo.png | 92.205.170.254 | 200 OK | 2.0 kB |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/logo.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced Hash5d14ab93691604e826e1319d53599eb9 78724360e9d25da584445b851e37bca05abe6b85 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/logo.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Last-Modified: Sat, 29 Apr 2023 10:40:20 GMT
ETag: "4da3783-7ce-5fa7737562d00"
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/clan.png | 92.205.170.254 | 200 OK | 475 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/clan.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced Hashe00004714ce72691e26f9b61c9810780 51385af6cb9a9d372c3151e67d331ddc1b92b3c4 b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/clan.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "4da3777-1db-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 475
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/pak.png | 92.205.170.254 | 200 OK | 380 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/pak.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced Hash5c71f27c78f2fa4c03011a7c22b82496 686900b9ead294ff018699e3fa65c023e5b41de0 eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/pak.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "4da3780-17c-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 380
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/alert.png | 92.205.170.254 | 200 OK | 469 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/alert.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced Hash16291265180a2dbcd246ada0b44ea35a 63eb909a37d9730a40955bebf35542cfc1a5ede9 b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/alert.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "4da377c-1d5-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 469
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/col.png | 92.205.170.254 | 200 OK | 682 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/col.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced Hashf9f5c8ccd73adc2df4d9e3acb9e24f85 ae26c7c6a83b6446179383c3b109fbad8b92c034 381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/col.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "4da3786-2aa-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 682
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/packet/assets/foo.png | 92.205.170.254 | 200 OK | 18 kB |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/packet/assets/foo.png IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typePNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced Hashf748283f1bdef35cbe2d225eccbe3895 c03c1864ca13cc124d7faf7d4bb11515fd40d814 cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /packet/assets/foo.png HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 29 Apr 2023 10:39:12 GMT
ETag: "4da378b-44f0-5fa7733489400"
Accept-Ranges: bytes
Content-Length: 17648
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/assets/app.css
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/assets/app.css
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/js/app.js | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/js/app.js IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /js/app.js HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/assets/app.css
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/assets/app.css
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/js/session-recorder.js | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/js/session-recorder.js IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /js/session-recorder.js HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f | 92.205.170.254 | 404 Not Found | 315 B |
URL GET HTTP/1.1mnx.8fe.mywebsitetransfer.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f IP92.205.170.254:80 ASN#21499 Host Europe GmbH
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
File typeHTML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: mnx.8fe.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/packet/assets/app.css
Cookie: PHPSESSID=jofd1atj4ck362kjqtr1ffkr1r
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 27 Apr 2024 04:46:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| cdn.lr-in.com/logger-1.min.js |  104.21.234.144 | 200 OK | 179 kB |
URL GET HTTP/2cdn.lr-in.com/logger-1.min.js IP104.21.234.144:443
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken= CertificateIssuerLet's Encrypt Subjectlr-in.com Fingerprint9C:36:E8:C7:3B:FC:3A:32:F6:4B:7E:92:80:E3:9C:F6:8E:D3:5C:9A ValiditySat, 09 Mar 2024 13:34:25 GMT - Fri, 07 Jun 2024 13:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size179 kB (178948 bytes) Hashbf5673efcdb256c2f5cdc811b25888ac 2321c6511e12e1429504a18a9f82b6d4fb024c9d 1be486de9be9994b0d33bc57ab0ddd43cc0aa71da719dbf3edcf86fe4a44c4a3
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 04:46:33 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"53aa10b0d86b63f858f05c52db0639ec2ada842aefd763d1660e7a290289c330-br"
last-modified: Fri, 26 Apr 2024 21:27:30 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600085-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1714167036.472734,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1j9qdCLQ4C%2FBsfYH3KvtvXUEFfxQVLjRU%2BH46BqaAR%2FrDO6ouJ3wORN11lJSzzf5M%2B6N%2FJ6d5TixGNee6UhIf39Iq6poC4%2BFsbtEBR57hqlzJRwByg2xOKUCtFZ%2B3jkO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ac2b63ddbd638f-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml |  35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=M-_nIDC4LKwxUaymy9iwVpUshShM_6uOX-mAWUyZ5JYDcHU-uMpRIlEmw5uOsY7_9xZTMVETRF31QzKRyztpa61nXbfT44CHTbCKZfloal6fmsbjjUyK_R6oiQDUOHQW
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sat, 27 Apr 2024 04:46:30 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 21
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dispatching-centre.lasamericascargo.com/js/intlTelInput.js | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/js/intlTelInput.js IP0.0.0.0:0
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/intlTelInput.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| dispatching-centre.lasamericascargo.com/images/favicon.gif | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/images/favicon.gif IP0.0.0.0:0
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/favicon.gif HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| dispatching-centre.lasamericascargo.com/js/card.js | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/js/card.js IP0.0.0.0:0
Requested byhttp://mnx.8fe.mywebsitetransfer.com/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/card.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mnx.8fe.mywebsitetransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|